<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>ransomware &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/ransomware/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Mon, 24 Nov 2025 14:21:37 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>From Extortion to E-commerce: How Ransomware Groups Turn Breaches into Bidding Wars</title>
		<link>https://noise.getoto.net/2025/11/24/from-extortion-to-e-commerce-how-ransomware-groups-turn-breaches-into-bidding-wars/</link>
		
		<dc:creator><![CDATA[Alexandra Blia]]></dc:creator>
		<pubDate>Mon, 24 Nov 2025 14:21:37 +0000</pubDate>
				<category><![CDATA[dark web]]></category>
		<category><![CDATA[Labs]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=d6687a388a2c90a7ec4fd7e392d5b1ef</guid>

					<description><![CDATA[Ransomware has evolved from simple digital extortion into a structured, profit-driven criminal enterprise. Over time, it has led to the development of a complex ecosystem where stolen data is not only leveraged for ransom, but also sold to the highest ...]]></description>
		
		
		<enclosure url="https://images.contentstack.io/v3/assets/blte4f029e766e6b253/bltf3ae6fb8e07d88e0/67ee88468d0b99031be0ea84/resources-research.jpg" length="0" type="" />

			</item>
		<item>
		<title>The State of Security Today: Setting the Stage for 2026</title>
		<link>https://noise.getoto.net/2025/11/18/the-state-of-security-today-setting-the-stage-for-2026/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Tue, 18 Nov 2025 16:07:34 +0000</pubDate>
				<category><![CDATA[artificial intelligence]]></category>
		<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[ransomware]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=86dc1f06f1d976aa6aebc9fdc65549ad</guid>

					<description><![CDATA[As we close out 2025, one thing is clear: the security landscape is evolving faster than most organizations can keep up. From surging ransomware campaigns and AI-enhanced phishing to data extortion, geopolitical fallout, and gaps in cyber readiness, th...]]></description>
		
		
		<enclosure url="https://images.contentstack.io/v3/assets/blte4f029e766e6b253/bltebc2810157aecfaf/68af2715c53b04810df94abb/blog-hero-generic-pixel.jpg" length="0" type="" />

			</item>
		<item>
		<title>Threat Landscape of the Building and Construction Sector Part Two: Ransomware</title>
		<link>https://noise.getoto.net/2025/11/14/threat-landscape-of-the-building-and-construction-sector-part-two-ransomware/</link>
		
		<dc:creator><![CDATA[Jeremy Makowski]]></dc:creator>
		<pubDate>Fri, 14 Nov 2025 14:31:42 +0000</pubDate>
				<category><![CDATA[ransomware]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=d8bd5ab795dae4bf8b942774b0136ace</guid>

					<description><![CDATA[In this second installment of our two-part series on the construction industry, Rapid7 is looking at the specific threat ransomware poses, why the industry is particularly vulnerable, and ways in which threat actors exploit its weaknesses to great effe...]]></description>
		
		
		<enclosure url="https://images.contentstack.io/v3/assets/blte4f029e766e6b253/blted8cb9466d79dc4d/6852c596a274324cfbb23d9d/PSN-gov-showcase-hero-image.png" length="0" type="" />

			</item>
		<item>
		<title>Attackers accelerate, adapt, and automate: Rapid7’s Q3 2025 Threat Landscape Report</title>
		<link>https://noise.getoto.net/2025/11/12/attackers-accelerate-adapt-and-automate-rapid7s-q3-2025-threat-landscape-report/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Wed, 12 Nov 2025 13:55:11 +0000</pubDate>
				<category><![CDATA[Labs]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=888e09e8938ef6b76532dc25dfedde4e</guid>

					<description><![CDATA[The Q3 2025 Threat Landscape Report, authored by the Rapid7 Labs team, paints a clear picture of an environment where attackers are moving faster, working smarter, and using artificial intelligence to stay ahead of defenders. The findings reveal a thre...]]></description>
		
		
		<enclosure url="https://images.contentstack.io/v3/assets/blte4f029e766e6b253/bltf1878ef573c5427e/691491f1a62c1d1b126572f8/Threat-Landscape-Q3-2025-card.jpg" length="0" type="" />

			</item>
		<item>
		<title>Microsoft Still Uses RC4</title>
		<link>https://noise.getoto.net/2025/09/16/microsoft-still-uses-rc4/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 16 Sep 2025 11:06:44 +0000</pubDate>
				<category><![CDATA[algorithms]]></category>
		<category><![CDATA[microsoft]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[RC4]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70791</guid>

					<description><![CDATA[Senator Ron Wyden has asked the Federal Trade Commission to investigate Microsoft over its continued use of the RC4 encryption algorithm. The letter talks about a hacker technique called Kerberoasting, that exploits the Kerberos authentication system.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>AI &#038; Ransomware: Inside the Exfiltration Playbook</title>
		<link>https://noise.getoto.net/2025/07/17/ai-ransomware-inside-the-exfiltration-playbook/</link>
		
		<dc:creator><![CDATA[Stephanie Doyle]]></dc:creator>
		<pubDate>Thu, 17 Jul 2025 15:15:55 +0000</pubDate>
				<category><![CDATA[AI/ML]]></category>
		<category><![CDATA[B2Cloud]]></category>
		<category><![CDATA[Cloud Storage]]></category>
		<category><![CDATA[Featured]]></category>
		<category><![CDATA[Featured-Cloud Storage]]></category>
		<category><![CDATA[ransomware]]></category>
		<guid isPermaLink="false">https://www.backblaze.com/blog/?p=112197</guid>

					<description><![CDATA[<p>Exfiltration has become a key tactic in cyber attacks, and cloud misconfigurations contribute to its success in undermining enterprises. Let's talk about important trends and best practices. </p>
<p>The post <a href="https://www.backblaze.com/blog/ai-ransomware-inside-the-exfiltration-playbook/">AI &#38; Ransomware: Inside the Exfiltration Playbook</a> appeared first on <a href="https://www.backblaze.com/blog">Backblaze Blog &#124; Cloud Storage &#38; Cloud Backup</a></p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict</title>
		<link>https://noise.getoto.net/2025/06/10/blacksuit-continues-social-engineering-attacks-in-wake-of-black-bastas-internal-conflict/</link>
		
		<dc:creator><![CDATA[Tyler McGraw]]></dc:creator>
		<pubDate>Tue, 10 Jun 2025 15:00:00 +0000</pubDate>
				<category><![CDATA[incident response]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[Managed Detection and Response (MDR)]]></category>
		<category><![CDATA[ransomware]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=ac170da65e19d8d1d28672bb7059c326</guid>

					<description><![CDATA[Despite a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024, Rapid7 has observed sustained social engineering attacks. Evidence suggests that BlackSuit affiliates have either adopted Black Basta’s strategy or absorbed its members.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/06/GettyImages-2169855131.jpg" length="0" type="" />

			</item>
		<item>
		<title>From Ideology to Financial Gain: Exploring the Convergence from Hacktivism to Cybercrime</title>
		<link>https://noise.getoto.net/2025/06/03/from-ideology-to-financial-gain-exploring-the-convergence-from-hacktivism-to-cybercrime/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Tue, 03 Jun 2025 17:00:00 +0000</pubDate>
				<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Threat Intel]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=1ea5d248f09029aae384338e53724259</guid>

					<description><![CDATA[The lines between ideologically-driven hacktivism and financially motivated cybercriminals are blurring. Some hacktivist groups are evolving into ransomware operations – even becoming ransomware affiliates – merging the disruptive zeal of hacktivism with the ruthless efficiency of cybercrime.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/05/GettyImages-1042376278.jpg" length="0" type="" />

			</item>
		<item>
		<title>Australia Requires Ransomware Victims to Declare Payments</title>
		<link>https://noise.getoto.net/2025/06/02/australia-requires-ransomware-victims-to-declare-payments/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 02 Jun 2025 11:03:34 +0000</pubDate>
				<category><![CDATA[australia]]></category>
		<category><![CDATA[disclosure]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70307</guid>

					<description><![CDATA[A new Australian law requires larger companies to declare any ransomware payments they have made.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape</title>
		<link>https://noise.getoto.net/2025/05/27/retail-under-siege-what-recent-cyber-attacks-tell-us-about-todays-threat-landscape/</link>
		
		<dc:creator><![CDATA[Emma Burdett]]></dc:creator>
		<pubDate>Tue, 27 May 2025 14:00:00 +0000</pubDate>
				<category><![CDATA[news]]></category>
		<category><![CDATA[ransomware]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=7f7e48235a9d0f2fdeadff5113b7310b</guid>

					<description><![CDATA[When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines – reflecting a growing trend where attackers exploit third-party vendors to breach businesses through a single point of entry.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/05/GettyImages-1764818961.jpg" length="0" type="" />

			</item>
		<item>
		<title>Key Takeaways from the Take Command Summit 2025: Inside the Mind of an Attacker</title>
		<link>https://noise.getoto.net/2025/05/21/key-takeaways-from-the-take-command-summit-2025-inside-the-mind-of-an-attacker/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Wed, 21 May 2025 14:00:00 +0000</pubDate>
				<category><![CDATA[Events]]></category>
		<category><![CDATA[ransomware]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=3f9e813a0ba5172564678e831694fe7b</guid>

					<description><![CDATA[In one of the most anticipated sessions of Take Command 2025, Raj Samani, Chief Scientist at Rapid7, sat down with Trent Teyema, former FBI Special Agent and President of CSG Strategies, for a candid conversation on how threat actors are evolving and what defenders must do to keep up.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/05/GettyImages-1488115481.jpg" length="0" type="" />

			</item>
		<item>
		<title>Why is Ransomware Still a Thing in 2025?</title>
		<link>https://noise.getoto.net/2025/05/01/why-is-ransomware-still-a-thing-in-2025/</link>
		
		<dc:creator><![CDATA[Christiaan Beek]]></dc:creator>
		<pubDate>Thu, 01 May 2025 15:05:00 +0000</pubDate>
				<category><![CDATA[ransomware]]></category>
		<category><![CDATA[rsa]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=a48844d2f7dde42a9803d9acdd070cf1</guid>

					<description><![CDATA[Ransomware remains a crisis because we are still giving attackers the upper hand. To regain control, we need to understand how we’ve made it so easy for them, and what we can do to change that.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/04/GettyImages-2176444732.jpg" length="0" type="" />

			</item>
		<item>
		<title>AI 101: How AI and Ransomware Are Reshaping Cybersecurity</title>
		<link>https://noise.getoto.net/2025/04/17/ai-101-how-ai-and-ransomware-are-reshaping-cybersecurity/</link>
		
		<dc:creator><![CDATA[Stephanie Doyle]]></dc:creator>
		<pubDate>Thu, 17 Apr 2025 16:05:32 +0000</pubDate>
				<category><![CDATA[AI/ML]]></category>
		<category><![CDATA[B2Cloud]]></category>
		<category><![CDATA[Cloud Storage]]></category>
		<category><![CDATA[Featured]]></category>
		<category><![CDATA[Featured-Cloud Storage]]></category>
		<category><![CDATA[ransomware]]></category>
		<guid isPermaLink="false">https://www.backblaze.com/blog/?p=112041</guid>

					<description><![CDATA[<p>AI is changing the ransomware landscape, empowering both cybercriminals with sophisticated tools and cybersecurity defenders with advanced protection. Today, let's talk about the high-stakes battle for data security.</p>
<p>The post <a href="https://www.backblaze.com/blog/ai-101-how-ai-and-ransomware-are-reshaping-cybersecurity/">AI 101: How AI and Ransomware Are Reshaping Cybersecurity</a> appeared first on <a href="https://www.backblaze.com/blog">Backblaze Blog &#124; Cloud Storage &#38; Cloud Backup</a></p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>2025 Ransomware: Business as Usual, Business is Booming</title>
		<link>https://noise.getoto.net/2025/04/08/2025-ransomware-business-as-usual-business-is-booming/</link>
		
		<dc:creator><![CDATA[Chris Boyd]]></dc:creator>
		<pubDate>Tue, 08 Apr 2025 13:01:00 +0000</pubDate>
				<category><![CDATA[Labs]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=d5dc3b7bf56c9c9c16b4dca454c9724a</guid>

					<description><![CDATA[Rapid7 Labs took a look at internal and publicly-available ransomware data for Q1 2025 and added our own insights to provide a picture of the year thus far—and what you can do now to reduce your attack surface against ransomware.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/04/GettyImages-2198938705.jpg" length="0" type="" />

			</item>
		<item>
		<title>A Rebirth of a Cursed Existence? &#8211; The Babuk Locker 2.0</title>
		<link>https://noise.getoto.net/2025/04/02/a-rebirth-of-a-cursed-existence-the-babuk-locker-2-0/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Wed, 02 Apr 2025 13:00:00 +0000</pubDate>
				<category><![CDATA[Labs]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=3dea50383ab57b792742aaaf042c52e6</guid>

					<description><![CDATA[In early 2025, we came across a channel promoting itself as Babuk Locker. Since the original group had shut down in 2021, we decided to investigate whether this was a rebrand or a new threat.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/04/GettyImages-2169754654.jpg" length="0" type="" />

			</item>
		<item>
		<title>Fake BianLian Ransomware Letters in Circulation</title>
		<link>https://noise.getoto.net/2025/03/19/fake-bianlian-ransomware-letters-in-circulation/</link>
		
		<dc:creator><![CDATA[Chris Boyd]]></dc:creator>
		<pubDate>Wed, 19 Mar 2025 16:00:00 +0000</pubDate>
				<category><![CDATA[Labs]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=7f93d553c33395d1d7793db5ab6691f4</guid>

					<description><![CDATA[On March 5, the FBI issued an alert regarding a mail scam targeting U.S. business executives with extortion. The letters claim to be from noted ransomware group BianLian, demanding a payment in Bitcoin ranging from $250,000 to $500,000 within ten days of receipt.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/03/GettyImages-2180078018.jpg" length="0" type="" />

			</item>
		<item>
		<title>Disaster Recovery 101: Backup vs. Replication</title>
		<link>https://noise.getoto.net/2025/02/25/disaster-recovery-101-backup-vs-replication/</link>
		
		<dc:creator><![CDATA[Kari Rivas]]></dc:creator>
		<pubDate>Tue, 25 Feb 2025 17:22:35 +0000</pubDate>
				<category><![CDATA[B2Cloud]]></category>
		<category><![CDATA[Cloud Storage]]></category>
		<category><![CDATA[Disaster recovery/DRaaS]]></category>
		<category><![CDATA[Featured]]></category>
		<category><![CDATA[Featured-Cloud Storage]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Server Backup]]></category>
		<guid isPermaLink="false">https://www.backblaze.com/blog/?p=111965</guid>

					<description><![CDATA[<p>When you're building a disaster recovery strategy, it's crucial to know that there's a difference between replication and backups. Here's what you need to know. </p>
<p>The post <a href="https://www.backblaze.com/blog/disaster-recovery-101-backup-vs-replication/">Disaster Recovery 101: Backup vs. Replication</a> appeared first on <a href="https://www.backblaze.com/blog">Backblaze Blog &#124; Cloud Storage &#38; Cloud Backup</a></p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>CISA Under Trump</title>
		<link>https://noise.getoto.net/2025/01/28/cisa-under-trump/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 28 Jan 2025 12:09:53 +0000</pubDate>
				<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69838</guid>

					<description><![CDATA[<p>Jen Easterly is out as the Director of CISA. Read her final <a href="https://www.wired.com/story/big-interview-jen-easterly-cisa-cybersecurity/">interview</a>:</p>
<blockquote><p>There’s a lot of unfinished business. We have made an impact through our ransomware vulnerability warning pilot and our pre-ransomware notification initiative, and I’m really proud of that, because we work on preventing somebody from having their worst day. But ransomware is still a problem. We have been laser-focused on PRC cyber actors. That will continue to be a huge problem. I’m really proud of where we are, but there’s much, much more work to be done. There are things that I think we can continue driving, that the next administration, I hope, will look at, because, frankly, cybersecurity is a national security issue...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>The 2024 Ransomware Landscape: Looking back on another painful year</title>
		<link>https://noise.getoto.net/2025/01/27/the-2024-ransomware-landscape-looking-back-on-another-painful-year/</link>
		
		<dc:creator><![CDATA[Christiaan Beek]]></dc:creator>
		<pubDate>Mon, 27 Jan 2025 14:00:00 +0000</pubDate>
				<category><![CDATA[Labs]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=4b41a54f89b34faa72d485c68f5ce3f2</guid>

					<description><![CDATA[In this post, we’ll examine the latest data points, discuss notable groups, and estimate the potential impact on victims — helping security teams plan their defenses for the months ahead.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2025/01/GettyImages-2040069487.jpg" length="0" type="" />

			</item>
		<item>
		<title>Preventing unintended encryption of Amazon S3 objects</title>
		<link>https://noise.getoto.net/2025/01/16/preventing-unintended-encryption-of-amazon-s3-objects/</link>
		
		<dc:creator><![CDATA[Steve de Vera]]></dc:creator>
		<pubDate>Thu, 16 Jan 2025 02:43:53 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[Best practices]]></category>
		<category><![CDATA[incident response]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[S3]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[threat detection]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=2d784658c31e97cfa97ebad47244be67</guid>

					<description><![CDATA[At Amazon Web Services (AWS), the security of our customers’ data is our top priority, and it always will be. Recently, the AWS Customer Incident Response Team (CIRT) and our automated security monitoring systems identified an increase in unusual encryption activity associated with Amazon Simple Storage Service (Amazon S3) buckets. Working with customers, our security […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 50/352 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-11 07:59:50 by W3 Total Cache
-->