Articles about Ransomware

New analysis from Forescout of more than 23,000 vulnerabilities and 885 threat actors across 159 countries worldwide during the first half of 2025 finds 47 percent of newly exploited vulnerabilities were originally published before 2025, and zero-day exploitation has increased 46 percent.

The report also shows ransomware attacks are averaging 20 incidents per day, zero-day exploits increased 46 percent, and attackers are increasingly targeting non-traditional equipment, such as edge devices, IP cameras and BSD servers. These footholds are often used for lateral movement across IT, OT, and IoT environments, allowing threat actors to get deeper into networks and compromise critical systems.

Continue reading →

A new report from Semperis, based on a study of almost 1,500 organizations globally, shows that hackers are stepping up threat levels and ransomware is still a global epidemic.

In 40 percent of attacks threat actors threatened to physically harm executives at organizations that declined to pay a ransom demand. US-based companies experienced physical threats 46 percent of the time, while 44 percent of German firms experienced similar forms of intimidation.

Continue reading →

According to a new report 45 percent of MSPs admit to having a dedicated pool of money set aside for ransomware payments. This is despite increasing pressure from insurers and global governments to avoid paying ransoms to stop fueling criminal enterprises and encourage proactive resilience.

The findings, from cyber risk specialist CyberSmart, also show that 36 percent opt to protect themselves with cyber insurance instead. Worryingly though, 11 percent of MSPs say they have no dedicated budget for ransomware payments or cyber insurance, in many cases leaving them without a contingency plan.

Continue reading →

The Matanbuchus malware loader is not new – it has been around for at least 4 years – but it has evolved into something incredibly dangerous.

Matanbuchus 3.0 has been found targeting victims as part of a ransomware attack. Described as being “highly targeted”, the cyberattack campaign uses Microsoft Teams as a delivery method for the latest version of the malware loader. The highly sophisticated attack employs a Microsoft Teams call impersonating an IT helpdesk.

Continue reading →

The second quarter of this year has seen a 63 percent increase in publicly disclosed ransomware attack volumes, with a total of 276 incidents compared to Q2 2024, according to the latest report from BlackFog.

This represents the highest number of attacks for this timeframe since the company began tracking ransomware volumes in 2020. All three months in the quarter set a new high compared with the same time period in previous years. June saw 113 percent increase with a total of 96 attacks. There was a 51 percent increase in April with a total of 89 attacks, and a 40 percent increase in May with 91 attacks.

Continue reading →

Encryption adoption has soared to 94 percent, but inconsistent application continues to put sensitive data at risk, finds a new survey.

The study from secure storage maker Apricorn shows that 59 percent of IT security decision makers say encryption has increased, allowing them to better protect their data, including on lost/stolen devices.

Continue reading →

The number of active ransomware groups has jumped 45 percent in the past year, according to a new report from GuidePoint Security’s GRIT team.

Covering Q2 2025, the report outlines how cybercriminals are regrouping, rebranding and using recycled tools to launch fresh attacks across industries.

Continue reading →

There are large numbers of ransomware groups operating around the world, some of which have been conducting their nefarious work for years. There are older which are rather less long in the tooth, such as the recently formed SatanLock.

The group has been in existence for mere months, popping up in April this year. Responsible for a spate of attacks over a number of weeks, the ransomware group has announced that it is already shutting up shop. More than this, it plans to leak any data it has stolen.

Continue reading →

A new study from Comparitech, based on data collected from 2,600 attacks between 2018 and 2023, shows the average time for a US company to report a data breach following a ransomware attack is 4.1 months.

From 2018 to 2023, the average time to report a ransomware breach has increased, rising from 2.1 months in 2018 to just over five months in 2023. Healthcare has the lowest reporting time with 3.7 months, while businesses (4.2 months) and government entities (4.1 months) are similar.

Continue reading →

The conventional formula for maintaining business continuity in the face of unexpected IT disruptions is as follows: Back up your data. Make a recovery plan. Test the recovery plan periodically.

That approach may work well enough if your primary concern is defending against risks like server failures or data center outages caused by natural disasters. But in the present age of widespread ransomware attacks, conventional backup and recovery planning aren’t always enough.

Continue reading →

Between April 2024 and March 2025, ransomware attacks escalated with unpredictable campaigns across a wide range of industries. The number of publicly disclosed victims also saw a 24 percent increase from the previous year.

A new report from Black Kite shows this follows a steep rise in the previous period with an 81 percent surge, amounting to a 123 percent increase over two years. Ransomware was responsible for 67 percent of known third-party breaches.

Continue reading →

On today's International Anti-Ransomware Day, cybersecurity company SentinelOne has publishes a blog looking at on how ransomware has evolved over the past 10 years.

It highlights how Ransomware-as-a-Service (RaaS) has matured into a scalable, profit-driven model, with revenue-sharing, affiliate recruitment, and performance incentives fuelling rapid expansion across the cybercrime ecosystem.

Continue reading →

New analysis by Comparitech shows that government entities remain a frequent target for ransomware gangs.

Of the 39 confirmed attacks -- where the organization publicly acknowledges what's happened -- in April, 21 were on businesses, nine on government entities, six on healthcare companies and three on educational institutions.

Continue reading →

Cybercriminals are pivoting to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises have declined.

These are among the findings of a new report from IBM X-Force which also observes an 84 percent increase in emails delivering infostealers in 2024 compared to the previous year, a method threat actors rely heavily on to scale identity attacks.

Continue reading →

Ransomware attacks reached a historic high in the first quarter of this year, with 2,063 victims reported, a 102 percent increase compared to the previous year.

The report from GuidePoint Security also records a record high number of active threat groups, with 70 identified in Q1, reflecting a 55.5 percent year-on-year rise.

Continue reading →