Safeguard
Tag

ransomware

Safeguard articles tagged "ransomware" — guides, analysis, and best practices for software supply chain and application security.

91 articles

Industry Events

Infosecurity Europe 2026 Recap: Agentic AI Security Owned the Floor at ExCeL London

Agentic AI, post-quantum cryptography, and ransomware economics dominated Infosecurity Europe 2026. Here is what actually mattered on the floor at ExCeL London, and what was hype.

Jun 5, 20266 min read
Threat Intelligence

Qilin Ransomware Supply Chain Tactics 2025

Qilin became a top ransomware operator in 2024-2025 by pairing edge-device exploitation with managed service provider compromise. Here is the supply chain breakdown.

Apr 11, 20268 min read
Vulnerability Analysis

What is Ransomware

Ransomware costs organizations $2.73M on average to recover from. Learn how it works, its top infection vectors, and how to defend against it.

Mar 25, 20267 min read
Threat Intelligence

Akira Ransomware VPN Appliance Exploitation

Akira has industrialized VPN appliance exploitation. Here is the tradecraft, the advisories that document it, and what defenders must do about edge software supply chain risk.

Mar 7, 20267 min read
Incident Analysis

Change Healthcare Ransomware 2024: Deep Dive

The Change Healthcare ransomware attack knocked US healthcare payments offline for weeks. A missing MFA on a Citrix portal was the root cause United confirmed.

Mar 5, 20267 min read
Threat Intelligence

Volt Typhoon: Critical Infrastructure Supply Chain

Volt Typhoon is pre-positioning inside U.S. critical infrastructure using living-off-the-land tradecraft and third-party access. Here is what defenders should do about it.

Mar 2, 20266 min read
Threat Intelligence

Cozy Bear / Midnight Blizzard Supply Chain Tactics

Midnight Blizzard (APT29, Cozy Bear) has refined long-dwell supply chain access into an operational art. Here is what their 2023-2025 pattern looks like to defenders.

Feb 25, 20266 min read
Threat Intelligence

DPRK IT Worker Supply Chain Insider Threat

DPRK operatives have placed themselves inside Western companies as remote developers. Here is how that pattern functions as a supply chain threat and how to detect it.

Feb 20, 20266 min read
Threat Intelligence

Black Basta Ransomware Leak Lessons Learned

The Black Basta chat leak gave defenders a rare inside view of how a ransomware program operates. Here are the durable engineering lessons to take from it.

Feb 17, 20266 min read
Threat Intelligence

LockBit Takedown: What Came After

Operation Cronos disrupted LockBit's infrastructure but not the underlying affiliate economy. Here is what actually changed and what defenders should take from it into 2026.

Feb 13, 20267 min read
Vulnerability Analysis

VMware ESXi CVE-2024-37085 Auth Bypass by Ransomware

CVE-2024-37085 abuses ESXi's AD domain join to grant admin via a specially named group. Exploitation by Akira and Black Basta, detection, and fix.

Feb 11, 20268 min read
Threat Intelligence

FIN7 Supply Chain Social Engineering (2024)

FIN7 built tooling that made its social engineering feel like a SaaS product. Here is how its 2024 tradecraft blended malvertising, fake tools, and credential theft into a supply chain attack.

Feb 10, 20266 min read
ransomware (Page 2) — Safeguard Blog