ransomware
Safeguard articles tagged "ransomware" — guides, analysis, and best practices for software supply chain and application security.
91 articles
MGM Resorts and Caesars Hit by Scattered Spider: Social Engineering at Scale
In September 2023, the Scattered Spider hacking group crippled MGM Resorts and extorted Caesars Entertainment through phone-based social engineering, exposing how human vulnerabilities can bypass even the most expensive security stacks.
The Ransomware Payment Ban Debate: Arguments, Evidence, and Unintended Consequences
Should governments ban ransomware payments? The debate intensified through 2023 as attacks escalated, with strong arguments on both sides and no clear consensus.
Clop Ransomware and the MOVEit Campaign: Mass Exploitation at Scale
Clop's exploitation of MOVEit Transfer compromised over 2,500 organizations in one campaign, demonstrating a shift from traditional ransomware to mass vulnerability exploitation.
Double Extortion Ransomware: How Data Theft Changed the Game
Double extortion transformed ransomware from a reversible nuisance into an irreversible data breach. The evolution from encryption-only to data theft fundamentally changed the threat model.
PaperCut CVE-2023-27350: When Print Management Software Becomes a Ransomware Gateway
CVE-2023-27350 in PaperCut NG/MF allowed unauthenticated RCE through the print management server. Cl0p and LockBit ransomware groups jumped on it within days.
GoAnywhere MFT Zero-Day (CVE-2023-0669): Clop Ransomware's File Transfer Rampage
The Clop ransomware gang exploited a pre-auth RCE in GoAnywhere MFT to breach over 130 organizations. The campaign foreshadowed their devastating MOVEit attack months later.
Royal Ransomware: Why Healthcare Became the Primary Target
Royal ransomware emerged from the ashes of Conti to become one of the most aggressive operations targeting healthcare organizations in 2022 and 2023.
LockBit 3.0: The Evolution of the World's Most Prolific Ransomware Operation
LockBit 3.0 introduced bug bounties, new extortion tactics, and industrial-scale operations that made it the dominant ransomware group through 2022 and 2023.
BlackCat/ALPHV Ransomware: Rust-Based Innovation and Supply Chain Exploitation
BlackCat (ALPHV) brought Rust programming, triple extortion, and supply chain targeting to the ransomware-as-a-service model, raising the bar for both attackers and defenders.
Costa Rica Conti Ransomware: The First Ransomware Attack to Trigger a National Emergency
The Conti ransomware group attacked Costa Rica's government systems so severely that the president declared a national emergency — the first time a country took such action in response to a cyberattack.
Conti Ransomware Leaks: What the Internal Files Revealed About Supply Chain Tools
When Conti's internal communications leaked in early 2022, they exposed the operational playbook of a top-tier ransomware gang — including how they targeted supply chains.
Kronos Ransomware Attack: When Payroll Systems Go Dark Before the Holidays
A ransomware attack on Ultimate Kronos Group disrupted payroll and workforce management for millions of workers at hospitals, governments, and major employers right before the holiday season.