ransomware
Safeguard articles tagged "ransomware" — guides, analysis, and best practices for software supply chain and application security.
91 articles
Black Basta Ransomware: Techniques and Tactics in 2024
Black Basta evolved from a Conti offshoot into one of the most technically advanced ransomware operations, using novel initial access methods and sophisticated evasion techniques.
BianLian's Pivot: From Ransomware Encryption to Pure Data Extortion
BianLian abandoned encryption entirely in favor of data theft and extortion. This shift reveals where ransomware economics are heading — and why traditional defenses are lagging behind.
LockBit Takedown: Inside Operation Cronos
Operation Cronos seized LockBit's leak site in February 2024. We unpack the NCA-led takedown, the decryptor release, and LockBit's rapid rebuild.
Change Healthcare Breach: The Worst Healthcare Data Breach in U.S. History
In February 2024, a ransomware attack on Change Healthcare paralyzed the U.S. healthcare payment system for weeks and ultimately exposed the personal health data of over 100 million Americans, making it the largest healthcare data breach ever recorded.
Change Healthcare Ransomware Attack: The Breach That Disrupted American Healthcare
The BlackCat/ALPHV ransomware attack on Change Healthcare caused the largest healthcare IT disruption in U.S. history, affecting pharmacies, hospitals, and insurance claims processing nationwide.
Operation Cronos: How Law Enforcement Dismantled LockBit Ransomware
A coordinated international operation seized LockBit's infrastructure, arrested affiliates, and obtained decryption keys. But did it actually stop the world's most prolific ransomware gang?
Bank of America Breach via Infosys McCamish Exposes 57,000 Customers
In February 2024, Bank of America disclosed that a ransomware attack on its service provider Infosys McCamish Systems had compromised the personal and financial data of over 57,000 customers, highlighting the cascading risk of vendor supply chain attacks.
Akira Ransomware: Exploiting VPN Vulnerabilities for Supply Chain Entry
Akira ransomware systematically exploited Cisco VPN vulnerabilities as its primary entry vector, targeting organizations through the network infrastructure they trusted most.
VF Corporation Ransomware Attack Disrupts Vans, North Face, and Timberland
In December 2023, VF Corporation, parent company of Vans, The North Face, and Timberland, suffered a ransomware attack that disrupted order fulfillment and exposed personal data of 35.5 million customers during the critical holiday shopping season.
Norton Healthcare Ransomware Breach Exposes 2.5 Million Patient Records
In December 2023, Norton Healthcare disclosed that a May ransomware attack by the ALPHV/BlackCat group had compromised personal and medical data of 2.5 million patients, revealing the devastating impact of ransomware on healthcare.
Boeing Hit by LockBit Ransomware: 43GB of Sensitive Data Leaked
In November 2023, the LockBit ransomware gang published 43 gigabytes of Boeing's internal data after the aerospace giant refused to pay ransom, exposing the persistent vulnerability of manufacturing supply chains to ransomware.
Apache ActiveMQ CVE-2023-46604: Ransomware Groups Exploit Critical RCE
A critical remote code execution flaw in Apache ActiveMQ was rapidly weaponized by ransomware operators, with exploitation beginning before many organizations could patch.