The anatomy of an Akira ransomware attack
Anything but science fiction: an analysis of a real life Akira ransomware attack.
3 minutes
Ransomware
AI-orchestrated cyberattacks
Sophisticated attackers once struggled to scale. Now, experienced groups can scale by adding agents to their workforce, and inexperienced or…
4 minutes
Tracking remote ransomware attacks at their source
When ransomware strikes, many are watching it happen through the wrong lens.
5 minutes
Ransomware in April 2025—RansomHub is gone
While DaVita and Marks & Spencer reel from devastating attacks, the most dominant ransomware group of the last year has…
1 minute
Ransomware in March 2025
March 2025 saw a huge number of ransomware attacks, and the Pennsylvania State Education Association quietly notify over 500,000 current…
1 minute
One in five Fortune 500 companies had leaked credentials in the past 30 days
Stolen credentials can open the door for ransomware and Business Email Compromise (BEC).
1 minute
Ransomware group Mora_001 targets Fortinet applications
The new gang appears to have links to the defunct LockBit group.
2 minutes
Ransomware in February 2025—Cl0p and RansomHub run riot
The Cl0p ransomware group posted data on 335 victims in February 2025, by far the largest one month total any…
2 minutes
Infighting brings down the Black Basta ransomware group
It seems that internal struggles lead to the break-down of one of the last ransomware-as-a-service giants.
2 minutes
Ransomware groups were faster, stealthier, and more active than ever in 2024
2024 was the worst year ever for big game ransomware.
1 minute
Ransomware in January 2024—bad news for US healthcare
January 2025 saw some high profile attacks and no shortage of bad news for the US healthcare sector.
0 minutes
Akira ransomware’s secret weapon—AnyDesk
The Akira ransomware group drops the AnyDesk client to gain persistence.
2 minutes
Which ports to monitor for ransomware attacks
There are a few ports that deserve extra attention when you're monitoring your systems for ransomware attacks.
3 minutes
Ransomware in December 2024—Cl0p returns
December 2024 saw the unwelcome return of the notorious Cl0p ransomware gang.
1 minute
Cleo, the next MOVEit and GoAnywhere?
The CL0P ransomware gang has claimed responsibility for attacks exploiting a vulnerability in Cleo file sharing products.
3 minutes
How the Black Basta ransomware gang hides Cobalt Strike beacons with PowerShell
Ransomware gangs love PowerShell.
4 minutes
Ransomware review: November 2024
In October 2024 we recorded a total of 575 ransomware victims, a new high for this year.
2 minutes
Hands-on-keyboard (HOK) attacks: How ransomware gangs attack in real-time
Ransomware defense is a 'battle of the keyboards'.
4 minutes
Cybercrime Has Gone Machine-Scale
AI is automating malware faster than security can adapt.
Get the facts Read the 2026 State of Malware