Are we seeing the extinction of mass data exfiltration campaigns? The stats demonstrate these attacks are losing their efficacy.
Read MoreNitrogen ransomware was derived from the previously leaked Conti 2 builder code, and is similar to Nitrogen ransomware, but a coding mistake in the ESXi malware causes it to encrypt all the files with the wrong public key, irrevocably corrupting them. This means that even the threat actor is incapable of decrypting them, and that victims that are without viable backups have no ability to recover their ESXi encrypted servers. Paying a ransom will not assist these victims, as the decryption key/ tool will not work.
Read MoreDiscover how Obscura ransomware corrupts encrypted files beyond recovery, and why technical validation is key to smart ransom response decisions
Read MoreThe percentage of companies choosing to pay ransoms dropped significantly, while threat actors shift their tactics in response to decreasing profits.
Read MoreSeveral ransomware groups used highly targeted social engineering tactics to create a major impact across several industry sectors in Q2 2025.
Read More
The Ransomware-as-a-service (RaaS) model has not recovered from law enforcement disruption, and the entrance of novice actors along with non-Russian state-linked cybercriminals has led to uncertain outcomes for victims.
Read More
2024 was a banner year for Law enforcement agency actions against ransomware and cybercrime groups. Will the new administration ensure this momentum continues?
Read More
In Q3 2024 Law enforcement actions disrupted infrastructure and publicized the identity of several prolific ransomware threat actors
Read More
Unaffiliated ‘lone wolf’ threat actors carry out a greater share of attacks as they attempt to obfuscate their identity in Q2 2024.
Read MoreRaaS developers were caught cheating their affiliates, shaking the trust in the RaaS model following several high profile law enforcement actions.
Read More
A lower percentage of ransomware victims are paying, as new regulations begin to elicit more and more public disclosure of ransomware incidents.
Read More
In Q3 2023 a series of ransomware attacks by similar threat actors created headlines and blurred the lines of attribution.
Read More
As ransomware affiliates are paid less frequently, they have adapted their strategies to compensate for the shifting dynamics of cyber extortion.
Read More
Ransomware threat actors are moving back up-market in search of lost profits as the cyber extortion economy seeks to halt its contraction.
Read More
Only 37% of ransomware victims paid a ransom in Q4, a record low as security and backup continuity investments pay off.
Read More
The conviction of a high profile security executive who paid to suppress a data leak has created a new dimension of risk for security executives.
Read More
Ransomware actors became more fluid in Q2 2022 as attribution becomes harder, and fewer victims succumb to paying cyber criminals.
Read More
During a recent HSGAC hearing, Coveware had the opportunity to provide testimony on how ransomware attacks are impacting US companies, and the importance mandatory reporting.
Read More
Less Victims of Ransomware are Paying, even as Cybercriminals Shift from Big Game to Big Shame Hunting
Read More