Learn how to defend against ransomware attacks with proven prevention, detection, and recovery strategies. Our posts cover backup best practices, endpoint security, employee training, incident response planning, and the latest ransomware trends targeting individuals and organizations.
posts
The Breach That Started With a Single Browser Extension In early 2024, a data breach at a mid-size healthcare firm started not with some sophisticated zero-day exploit, but with a Chrome extension an employee installed to manage their tabs. That extension harvested saved passwords, session cookies, and browser history. Within
The Breach That Changed How I Think About Cyber Security In February 2024, Change Healthcare suffered a ransomware attack that disrupted insurance claims processing for nearly every hospital and pharmacy in the United States. UnitedHealth Group later confirmed the breach affected approximately 100 million individuals — making it the largest healthcare
The Breach That Started With a Single Password In January 2024, Microsoft disclosed that a Russian threat actor group known as Midnight Blizzard accessed corporate email accounts — including those of senior leadership — using nothing more than a password spray attack against a legacy test account that lacked multi-factor authentication. No
The Breach That Started With a Single Reused Password In January 2024, Microsoft disclosed that a Russian state-sponsored threat actor — Midnight Blizzard — breached executive email accounts using a password spray attack against a legacy test account that lacked multi-factor authentication. Microsoft. One of the largest technology companies on Earth. Compromised
The Colonial Pipeline Hack Was a Wake-Up Call Nobody Should Have Needed On May 7, 2021, a single compromised password shut down the largest fuel pipeline in the United States. Colonial Pipeline paid a $4.4 million ransom to the DarkSide threat actor group, and fuel shortages rippled across the
One Phish Email Took Down a $60 Billion Company's Defenses In 2023, MGM Resorts International lost roughly $100 million after a social engineering attack that started with a single phone call to their help desk. But most attacks don't even require that much effort. The average
In March 2024, Change Healthcare suffered a ransomware attack that disrupted insurance claims processing for nearly every hospital and pharmacy in the United States. The root cause? Stolen credentials on a system without multi-factor authentication. One overlooked gap in cyber security brought a $32 billion company to its knees and
The Breach That Proved "Secure Enough" Is a Myth In 2023, MGM Resorts lost an estimated $100 million after a social engineering phone call — just one phone call — gave threat actors the foothold they needed. MGM had firewalls. They had endpoint protection. They had a security team. What
