Articles about Ransomware

Trellix has published its latest CyberThreat Report: October 2025, highlighting a clear rise in the use of AI-powered tools and malware by cybercriminals.

Drawing on global threat intelligence gathered between April and September 2025, the report explores how automation, geopolitics, and AI are reshaping modern attack methods.

Continue reading →

A new study from OpenText of nearly 1,800 global IT and security leaders shows a false sense of confidence in ransomware readiness.

The report shows that 95 percent of respondents say they’re confident in their ransomware recovery -- yet only 15 percent of those attacked have fully recovered their data.

Continue reading →

ESET has added new ransomware recovery and scam protection capabilities to its consumer and small business products. The security firm's latest offerings, ESET HOME Security and ESET Small Business Security, bring its enterprise-grade Ransomware Remediation feature to homes and small offices for the first time.

Ransomware incidents remain among the most damaging forms of cybercrime worldwide. ESET’s Ransomware Remediation system automatically creates encrypted backups when a threat is detected, so that users can restore any affected files once the attack has been neutralized, hopefully minimizing downtime and data loss.

Continue reading →

The frequency of ransomware attacks has dropped from eight incidents per organization to five or six incidents in the last year, but at the same time the average ransomware payment has surged by more than a million dollars, from $2.5M to $3.6M.

A new Global Threat Landscape report from ExtraHop, based on research by Censuswide, finds threat actors are shifting away from broad, indiscriminate attacks to a more targeted approach that yields better results.

Continue reading →

New data from BlackFog shows publicly disclosed ransomware attacks continued to set new records in the third quarter of this year, with 270 attacks -- a 36 percent increase compared to the same quarter in 2024 (198 attacks). This also represents a 335 percent increase since Q3 2020, underscoring the continued rise in attacks over the last five years.

Between July and September, publicly disclosed attacks were attributed to 54 ransomware groups. As in Q2, the Qilin ransomware gang was the most active, responsible for 20 incidents during the period. Notably, approximately 40 percent (107) of reported attacks have not yet been attributed to any known ransomware group.

Continue reading →

Cybercrime has become a global epidemic, with costs soaring across sectors and borders. But who’s paying the price and how has that changed since the turn of the century?

Researchers from vpnMentor have analyzed 25 years of FBI Internet Crime Complaint Center (IC3) data along with a review of major global incidents to discover the cost of cybercrime and how it’s evolving.

Continue reading →

New research from Comparitech, based on data from its worldwide ransomware tracker, finds a 30 percent rise in ransomware attacks on healthcare businesses in the first nine months of 2025.

It recorded 293 ransomware attacks on hospitals, clinics, and other direct care providers -- a similar number to 2024 -- but there were a further 130 attacks on businesses operating within the healthcare sector, such as pharmaceutical/medical manufacturers, medical billing providers, and healthcare tech companies.

Continue reading →

The Scattered Spider group seems to have switched from high-profile attacks on UK retailers to new campaigns targeting the insurance sector. The group has recently been linked to ransomware incidents affecting US-based Philadelphia Insurance and Erie Insurance, which operates in both the UK and the US.

We spoke to Danny Howett, technical director at global cybersecurity consultancy CyXcel, to discuss why insurance is such an attractive target and some practical steps insurers can take to shore up their defences against increasingly organised cybercriminals.

Continue reading →

Phishing has overtaken all other vectors as the leading entry point for ransomware, cited by 35 percent of affected organizations, up sharply from 25 percent in 2024.

This is one of the findings of a new report from SpyCloud which also shows that 85 percent of organizations were affected by ransomware at least once in the past year, with nearly a third (31 percent) reporting six to 10 ransomware events in the last year.

Continue reading →

A new report from risk solutions company Resilience shows in the first half of 2025, the average cost of an individual ransomware attack rose by 17 percent, while the volume of incurred claims across Resilience's portfolio dropped by 53 percent, highlighting the persistent and destructive threat of financially motivated cybercrime.

Ransomware accounted for almost all (91 percent) of incurred losses, while financially motivated social engineering, especially via tailored attacks bolstered by AI-powered phishing content, fueled 88 percent.

Continue reading →

New data from Check Point Research reveals a sharp rise in cyberattacks globally, with business services, healthcare, and manufacturing among the hardest hit sectors.

Ransomware incidents in particular have surged, with 487 attacks reported in July, a 41 percent increase year-on-year. North America accounted for 56 percent of all reported ransomware cases, followed by Europe at 24 percent.

Continue reading →

New analysis from Forescout of more than 23,000 vulnerabilities and 885 threat actors across 159 countries worldwide during the first half of 2025 finds 47 percent of newly exploited vulnerabilities were originally published before 2025, and zero-day exploitation has increased 46 percent.

The report also shows ransomware attacks are averaging 20 incidents per day, zero-day exploits increased 46 percent, and attackers are increasingly targeting non-traditional equipment, such as edge devices, IP cameras and BSD servers. These footholds are often used for lateral movement across IT, OT, and IoT environments, allowing threat actors to get deeper into networks and compromise critical systems.

Continue reading →

A new report from Semperis, based on a study of almost 1,500 organizations globally, shows that hackers are stepping up threat levels and ransomware is still a global epidemic.

In 40 percent of attacks threat actors threatened to physically harm executives at organizations that declined to pay a ransom demand. US-based companies experienced physical threats 46 percent of the time, while 44 percent of German firms experienced similar forms of intimidation.

Continue reading →

According to a new report 45 percent of MSPs admit to having a dedicated pool of money set aside for ransomware payments. This is despite increasing pressure from insurers and global governments to avoid paying ransoms to stop fueling criminal enterprises and encourage proactive resilience.

The findings, from cyber risk specialist CyberSmart, also show that 36 percent opt to protect themselves with cyber insurance instead. Worryingly though, 11 percent of MSPs say they have no dedicated budget for ransomware payments or cyber insurance, in many cases leaving them without a contingency plan.

Continue reading →

The Matanbuchus malware loader is not new – it has been around for at least 4 years – but it has evolved into something incredibly dangerous.

Matanbuchus 3.0 has been found targeting victims as part of a ransomware attack. Described as being “highly targeted”, the cyberattack campaign uses Microsoft Teams as a delivery method for the latest version of the malware loader. The highly sophisticated attack employs a Microsoft Teams call impersonating an IT helpdesk.

Continue reading →