Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Dermatology, Imaging Hacks Expose 3.3 Million Patients' PHI

Marianne Kolbasuk McGee • July 17, 2025

A Maryland dermatology practice and a Virginia radiology organization have each reported to regulators separate hacking incidents that in total affected the information of more than 3.3 million patients. The incidents rank among the five largest health data breaches reported in 2025 so far.

Fraud Management & Cybercrime

Ransomware Group Threatens to Dump Paraguayan Citizens' Data

Latest

Vendor Risk Management

Lansweeper Purchases Redjack to Strengthen Asset Discovery

Michael Novinson • July 17, 2025

Lansweeper has acquired Redjack to combine detailed scanning with passive discovery, offering real-time asset inventories that fuel zero trust, business continuity and attack surface management. The combined offering enhances support for cybersecurity through automation and real-time data.

Next-Generation Technologies & Secure Development

iCounter Debuts With Mission to Defeat AI-Enabled Threats

Michael Novinson • July 16, 2025

Former FireEye and Mandiant leader John Watters unveils iCounter, a new cyber risk intelligence startup focused on targeted attacks and AI-enabled adversaries. Backed by Syn Ventures, the firm aims to transform threat detection with deeper visibility into attacker reconnaissance.

Data Breach Notification

Seychelles Commercial Bank Confirms Customer Data Breach

Mathew J. Schwartz • July 15, 2025

Seychelles Commercial Bank is warning customers that a hacker stole their personal information - but no money - from their accounts after breaching its systems. The hacker involved claims to have stolen and sold two gigabytes of customer data from the bank, which paid no ransom.

Fraud Management & Cybercrime

France Nabs Russian Basketball Player in Ransomware Probe

Akshaya Asokan • July 14, 2025

A Paris criminal court on Tuesday held an extradition hearing for a Russian professional basketball player who U.S. authorities say worked as a negotiator for an undisclosed ransomware group. French police on June 21 arrested Daniil Kasatkin, 26, at Charles de Gaulle Airport.

Agentic AI

Agentic AI Security Gets Fuel With Snyk's Invariant Labs Buy

Michael Novinson • June 24, 2025

To safeguard AI-native apps, Snyk has acquired Swiss startup Invariant Labs, whose experts pioneered research into vulnerabilities in agentic workflows. Snyk plans to integrate these capabilities across its developer-first security platform, starting with design partners.

Account Takeover Fraud

Neovera Boosts Bank Fraud Defense With Greenway Acquisition

Michael Novinson • June 18, 2025

Neovera has acquired Greenway Solutions, a Charlotte-based fraud red-teaming vendor serving top banks, to expand its cyber capabilities. The Washington D.C.-area services provider plans to tailor services for community banks and credit unions using automation and selective testing.

Cybercrime

Scattered Spider Targeting American Insurance Firms

Akshaya Asokan • June 17, 2025

A hacking collective behind recent cyberattacks on major British retailers has pivoted to target U.S. insurance firms, warned Google. Scattered Spider, tracked as UNC3944 by Google, is a financially motivated threat group consisting largely of English-speaking adolescents.

Fraud Management & Cybercrime

Erie Insurance Tells SEC It's Responding to a Cyber Incident

Marianne Kolbasuk McGee • June 12, 2025

Erie Indemnity Company, which offers a wide range of insurance including Medicare supplements and cyber coverage, has notified the U.S. Securities and Exchange Commission that it has been responding to a cyber incident since last weekend. The company is also warning customers of potential scams.

Agentic AI

Beyond Generic Chatbots: Rise of Industry-Specific AI Agents

Sandhya Michu • June 6, 2025

As companies shift away from broad, general-purpose AI tools, Iksha Labs CEO Hitesh Ganjoo says the future lies in domain-specific agents such as Rumi, an AI hiring coworker that's transforming interviews with speed and consistency.

Data Backup and Recovery

The Forgotten Details of Ransomware Response Plans

Marianne Kolbasuk McGee • June 4, 2025

While healthcare organizations often know in general what they need to do in case they're faced with a ransomware attack, the devil is in the details of how comprehensive and well-rehearsed that incident preparedness plan is for optimal response, said Rick Doten, vice president and healthplan CISO at Centene Corp.

Agentic AI

Nvidia CEO Huang Warns Export Bans Empower Chinese AI Firms

Michael Novinson • May 29, 2025

CEO Jensen Huang says new U.S. chip restrictions on China forced Nvidia to write down $4.5 billion in AI inventory and will hurt American leadership in global infrastructure as Chinese firms gain momentum. The rules fuel China’s rise and jeopardize U.S. infrastructure dominance, according to Huang.

Security Operations

Zscaler Buys Red Canary to Elevate AI-Driven Threat Response

Michael Novinson • May 28, 2025

Zscaler's buy of Red Canary will unify its cloud-based security infrastructure with Red Canary's MDR insights, giving rise to a next-gen SOC built on automation, AI, and rapid detection expertise. The integration will support a proactive SOC experience powered by AI workflows and security expertise.