Tag

Ransomware

Explore how ransomware attacks work, how they infiltrate networks, and what steps individuals and organizations can take to prevent, detect, and recover from ransomware incidents. Articles cover recent ransomware variants, encryption tactics, backup strategies, and incident response planning.

posts

Incident Response

How to Respond to a Cyberattack: A Step-by-Step Plan

In 2023, MGM Resorts lost an estimated $100 million after a social engineering attack that started with a single phone call to their help desk. The threat actor impersonated an employee, gained access to internal systems, and deployed ransomware across the enterprise. The entire operation took roughly 10 minutes to

Carl B. Johnson Jul 11, 2026 5 min read
Types of Malware

Types of Malware: What Every Organization Must Know

In 2023, MGM Resorts lost an estimated $100 million after a social engineering attack opened the door to ransomware that crippled casino floors, hotel check-ins, and digital room keys for days. The attackers didn't use some exotic, never-before-seen weapon. They used well-known types of malware — the same categories

Carl B. Johnson Jul 02, 2026 5 min read
Data Breach

What Causes a Data Breach: 7 Root Causes in 2026

In 2024, IBM's Cost of a Data Breach Report pegged the global average cost of a single breach at $4.88 million — the highest figure ever recorded. And yet, when I talk to business owners after an incident, most of them ask the same question: How did this

Carl B. Johnson Jun 18, 2026 5 min read
Types of Malware

Types of Malware: What Every Organization Must Know

In February 2024, Change Healthcare — one of the largest health payment processors in the U.S. — was hit by the ALPHV/BlackCat ransomware group. The attack disrupted claims processing for hospitals and pharmacies nationwide, exposed protected health information for an estimated 100 million people, and reportedly led to a $22

Carl B. Johnson Jun 12, 2026 6 min read
Data Breach Examples 2026

Data Breach Examples 2026: Lessons from Real Attacks

In January 2026, a major U.S. healthcare network disclosed that threat actors had exfiltrated over 3 million patient records after compromising a single employee's credentials through a phishing email. It wasn't sophisticated malware. It wasn't a zero-day. It was a fake password-reset page.

Carl B. Johnson Jun 11, 2026 5 min read
Cloud Storage Security Risks

Cloud Storage Security Risks Your Team Is Ignoring

A Single Misconfigured S3 Bucket Exposed 540 Million Facebook Records Back in 2019, researchers at UpGuard discovered that two third-party Facebook app developers had left hundreds of millions of user records sitting in publicly accessible Amazon S3 buckets. No hacking required. No sophisticated exploit. Just wide-open cloud storage that anyone

Carl B. Johnson Jun 10, 2026 5 min read
Ransomware Examples 2026

Ransomware Examples 2026: Attacks Reshaping Security

The Ransom Note Has Changed — And So Should Your Defenses In January 2026, the FBI's Internet Crime Complaint Center (IC3) warned that ransomware complaints surged again year over year, with losses from reported incidents climbing into the billions. If you think ransomware peaked a few years ago, I

Carl B. Johnson Jun 09, 2026 5 min read
Ransomware

How Ransomware Spreads: 7 Paths Into Your Network

In February 2024, Change Healthcare — the largest medical claims processor in the United States — was hit by the ALPHV/BlackCat ransomware group. The attack disrupted billing systems at hospitals and pharmacies nationwide for weeks. The entry point? Stolen credentials used on a remote access portal that lacked multi-factor authentication. One

Carl B. Johnson Jun 05, 2026 5 min read
Social Engineering Attacks

Social Engineering Attacks: Why Humans Are the #1 Target

In 2023, MGM Resorts lost roughly $100 million after a threat actor called Scattered Spider social-engineered the company's IT help desk with a single phone call. The attacker impersonated an employee, convinced the help desk to reset credentials, and within hours had burrowed deep enough to deploy ransomware

Carl B. Johnson May 30, 2026 6 min read