Tag: extortion
-
South Korean E-Commerce Giant Coupang Probes Massive Breach
Chinese Developer Formerly Employed by Company Suspected of Data Theft. South Korea’s biggest online retailer, Coupang, said a five-month breach exposed personal data pertaining to 34 million customers, and only came to light after it received an extortion demand. Police said a former developer at the company, a Chinese national who fled the country, is…
-
South Korean E-Commerce Giant Coupang Probes Massive Breach
Chinese Developer Formerly Employed by Company Suspected of Data Theft. South Korea’s biggest online retailer, Coupang, said a five-month breach exposed personal data pertaining to 34 million customers, and only came to light after it received an extortion demand. Police said a former developer at the company, a Chinese national who fled the country, is…
-
South Korean E-Commerce Giant Coupang Probes Massive Breach
Chinese Developer Formerly Employed by Company Suspected of Data Theft. South Korea’s biggest online retailer, Coupang, said a five-month breach exposed personal data pertaining to 34 million customers, and only came to light after it received an extortion demand. Police said a former developer at the company, a Chinese national who fled the country, is…
-
Alliances between ransomware groups tied to recent surge in cybercrime
Tags: access, attack, awareness, backup, business, cloud, cybercrime, cybersecurity, data, encryption, exploit, extortion, group, healthcare, incident response, intelligence, law, leak, monitoring, ransom, ransomware, saas, service, software, tactics, theft, threat, vpn, vulnerability, zero-dayRansomware groups change tactics to evade law enforcement: The latest quarterly study from Rapid7 also found that newly forged alliances are leading to a spike in ransomware activity while adding that tactical innovations, from refined extortion to double extortion and use of zero day, are also playing a part in increased malfeasance.The quarter also saw…
-
Dartmouth College confirms data breach after Clop extortion attack
Dartmouth College has disclosed a data breach after the Clop extortion gang leaked data allegedly stolen from the school’s Oracle E-Business Suite servers on its dark web leak site. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dartmouth-college-confirms-data-breach-after-clop-extortion-attack/
-
Dartmouth College confirms data breach after Clop extortion attack
Dartmouth College has disclosed a data breach after the Clop extortion gang leaked data allegedly stolen from the school’s Oracle E-Business Suite servers on its dark web leak site. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dartmouth-college-confirms-data-breach-after-clop-extortion-attack/
-
Critical Flaw in Oracle Identity Manager Under Exploitation
The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year as well as a recent extortion campaign targeting Oracle E-Business Suite customers. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/critical-flaw-oracle-identity-manager-under-exploitation
-
Deja Vu: Salesforce Customers Hacked Again, Via Gainsight
In a repeat of similar attacks during the summer, threat actors affiliated with the ShinyHunters extortion group used a third-party application to steal organizations’ Salesforce data. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/salesforce-customers-hacked-gainsight
-
Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
Tags: access, advisory, ai, android, apple, attack, banking, breach, browser, chrome, cisa, ciso, cloud, compliance, control, credentials, credit-card, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, detection, endpoint, extortion, finance, firewall, firmware, flaw, framework, google, governance, government, group, guide, Hardware, ibm, identity, infection, infrastructure, international, Internet, law, linux, malicious, malware, microsoft, mobile, monitoring, network, open-source, oracle, password, phishing, radius, ransomware, rat, resilience, risk, risk-assessment, risk-management, russia, scam, service, software, switch, technology, threat, tool, update, vulnerability, windowsCyber agencies call on ISPs to help combat “bulletproof” internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections. Key takeaways Crackdown on “bulletproof” hosting: International cyber agencies are urging ISPs and network…
-
Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
Tags: access, advisory, ai, android, apple, attack, banking, breach, browser, chrome, cisa, ciso, cloud, compliance, control, credentials, credit-card, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, detection, endpoint, extortion, finance, firewall, firmware, flaw, framework, google, governance, government, group, guide, Hardware, ibm, identity, infection, infrastructure, international, Internet, law, linux, malicious, malware, microsoft, mobile, monitoring, network, open-source, oracle, password, phishing, radius, ransomware, rat, resilience, risk, risk-assessment, risk-management, russia, scam, service, software, switch, technology, threat, tool, update, vulnerability, windowsCyber agencies call on ISPs to help combat “bulletproof” internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections. Key takeaways Crackdown on “bulletproof” hosting: International cyber agencies are urging ISPs and network…
-
Google says hackers stole data from 200 companies following Gainsight breach
Notorious hacking collective Scattered Lapsus$ Hunters takes credit for the breach that affected Salesforce customers’ data, and said it is planning another extortion campaign. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/21/google-says-hackers-stole-data-from-200-companies-following-gainsight-breach/
-
NSA Issues New Guidance to Help ISPs and Defenders Stop Malicious Activity
Tags: cisa, cyber, cybercrime, cybersecurity, data, extortion, finance, framework, infrastructure, international, Internet, malicious, network, ransomware, serviceThe National Security Agency (NSA), CISA, FBI, and international cybersecurity partners have released groundbreaking guidance to help internet service providers and network defenders combat bulletproof hosting providers. This new framework, published November 19, 2025, represents a coordinated effort to mitigate cybercriminal infrastructure that actively supports ransomware, data extortion, and other malicious activities targeting critical infrastructure and financial…
-
The Gentlemen<< Ransomware Group Deploys Dual-Extortion Tactics, Encrypting and Exfiltrating Data
Cybereason Threat Intelligence Team has uncovered a sophisticated ransomware operation known as >>The Gentlemen,
-
The Gentlemen<< Ransomware Group Deploys Dual-Extortion Tactics, Encrypting and Exfiltrating Data
Cybereason Threat Intelligence Team has uncovered a sophisticated ransomware operation known as >>The Gentlemen,
-
Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters
An in-development build of the upcoming ShinySp1d3r ransomware-as-a-service platform has surfaced, offering a preview of the upcoming extortion operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/meet-shinysp1d3r-new-ransomware-as-a-service-created-by-shinyhunters/
-
Eurofiber confirms November 13 hack, data theft, and extortion attempt
Eurofiber says hackers exploited a flaw on November 13, breached its ticket and customer portals, stole data, and attempted extortion. On November 13, threat actors exploited a vulnerability to breach its ticketing system and ATE customer portal of the European fiber operator Eurofiber. Attackers stole data and attempted extortion. Eurofiber focuses on B2B digital infrastructure,…
-
Yurei Ransomware: Encryption Mechanics, Operational Model, and Data Exfiltration Methods
A newly identified ransomware group, Yurei, has emerged as a significant threat to organizations worldwide, with confirmed attacks targeting entities in Sri Lanka and Nigeria across multiple critical industries. First publicly identified in early September 2025, Yurei operates a traditional ransomware-as-extortion model, infiltrating corporate networks, encrypting sensitive data, destroying backup systems, and leveraging a dedicated…
-
Kraken Uses Benchmarking to Enhance Ransomware Attacks
Cisco Talos has observed overlaps between Kraken and the earlier HelloKitty cartel through attack tactics using SMB flaws for big-game hunting and double extortion First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/kraken-benchmarking-enhance/
-
Logitech confirms data breach after Clop extortion attack
Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/logitech-confirms-data-breach-after-clop-extortion-attack/
-
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group conducting big-game hunting and double-extortion attacks against enterprise environments worldwide. Kraken represents a significant evolution in ransomware threats due to…
-
Ransomware’s Fragmentation Reaches a Breaking Point While LockBit Returns
Key Takeaways:85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date.1,590 victims disclosed across 85 leak sites, showing high, sustained activity despite law-enforcement pressure.14 new ransomware brands launched this quarter, proving how quickly affiliates reconstitute after takedowns.LockBit’s reappearance with First seen on thehackernews.com Jump to article: thehackernews.com/2025/11/ransomwares-fragmentation-reaches.html
-
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group conducting big-game hunting and double-extortion attacks against enterprise environments worldwide. Kraken represents a significant evolution in ransomware threats due to…
-
Ransomware’s Fragmentation Reaches a Breaking Point While LockBit Returns
Key Takeaways:85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date.1,590 victims disclosed across 85 leak sites, showing high, sustained activity despite law-enforcement pressure.14 new ransomware brands launched this quarter, proving how quickly affiliates reconstitute after takedowns.LockBit’s reappearance with First seen on thehackernews.com Jump to article: thehackernews.com/2025/11/ransomwares-fragmentation-reaches.html
-
Ransomed CTO falls on sword, refuses to pay extortion demand
Checkout.com will instead donate the amount to fund cybercrime research First seen on theregister.com Jump to article: www.theregister.com/2025/11/13/ransomed_cto_refuses_extortion_demand/
-
Operation Endgame schaltet Schadsoftware ab
Ermittler aus Deutschland sind gemeinsam mit internationalen Partnern erneut erfolgreich gegen Cyberkriminalität vorgegangen. BundeskriminalamtDank globaler Zusammenarbeit ist Ermittlern ein Schlag gegen die Verbreitung von Schadsoftware gelungen. Man habe “einen der gefährlichsten Stealer und einen der meistgenutzten Trojaner weltweit unschädlich gemacht”, teilten die Zentralstelle zur Bekämpfung der Internetkriminalität und das Bundeskriminalamt (BKA) mit. Solche Systeme nisten sich…
-
Unleashing the Kraken ransomware group
In August 2025, Cisco Talos observed big-game hunting and double extortion attacks carried out by Kraken, a Russian-speaking group that has emerged from the remnants of the HelloKitty ransomware cartel. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/kraken-ransomware-group/
-
Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts
Google on Thursday said it’s rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments.The approach is designed to tackle a common practice called review bombing, where online users…
-
Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts
Google on Thursday said it’s rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments.The approach is designed to tackle a common practice called review bombing, where online users…