Tag: extortion

Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit

Oct 10, 2025 1:23 PM

Tags: data, exploit, extortion, google, oracle

GTIG highlighted indicators that Clop is behind the extortion campaign targeting Oracle EBS instances, with its activity likely beginning as early as August 9 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-clop-data-oracle-exploit/
FBI takes down BreachForums portal used for Salesforce extortion

Oct 10, 2025 11:23 AM

Tags: attack, breach, corporate, data, extortion, group, hacking, ransomware

The FBI has seized last night all domains for the BreachForums hacking forum operated by the ShinyHunters group mostly as a portal for leaking corporate data stolen in attacks from ransomware and extortion gangs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-takes-down-breachforums-portal-used-for-salesforce-extortion/
Google Issues Alert on CL0P Ransomware Actively Exploiting Oracle E-Business Suite Zero-Day

Oct 10, 2025 8:23 AM

Tags: business, cyber, email, exploit, extortion, google, group, intelligence, malicious, mandiant, oracle, ransomware, theft, threat, zero-day

Organizations using Oracle E-Business Suite must apply the October 4 emergency patches immediately to mitigate active, in-the-wild exploitation by CL0P extortion actors and hunt for malicious templates in their databases. Beginning September 29, 2025, Google Threat Intelligence Group (GTIG) and Mandiant identified a massive email campaign targeting executives at dozens of organizations, alleging theft of…
Google Says Oracle EBS Extortion Campaign Possibly Targeted Thousands, Could Date Back To July

Oct 9, 2025 8:24 PM

Tags: business, extortion, google, group, intelligence, mandiant, oracle, threat

Google Threat Intelligence Group and Mandiant share new details on the Oracle E-Business Suite extortion campaign by a threat actor possibly tied to ShinyHunters. First seen on crn.com Jump to article: www.crn.com/news/security/2025/google-says-oracle-ebs-extortion-campaign-possibly-targeted-thousands-could-date-back-to-july
‘Dozens’ of organizations had data stolen in Oracle-linked hacks

Oct 9, 2025 8:24 PM

Tags: breach, business, data, extortion, flaw, group, hacking, oracle

The mass-hacks targeting Oracle E-Business customers is the latest hacking campaign by Clop, an extortion group known for abusing security flaws in enterprise products to steal large amounts of sensitive data. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/09/dozens-of-organizations-had-data-stolen-in-oracle-linked-hacks/
Hack of age verification firm may have exposed 70,000 Discord users’ ID photos

Oct 9, 2025 7:23 PM

Tags: credit-card, data-breach, email, extortion, hacker, password, ransom, service

Names, email addresses and other contact details of users from around the world could also have been takenGovernment ID photos of about 70,000 global users of Discord, a popular messaging and chat platform among video gamers, may have been exposed after hackers compromised a company contracted to carry out age verification checks.Some users’ names, email…
Dozens of Oracle customers impacted by Clop data theft for extortion campaign

Oct 9, 2025 6:24 PM

Tags: data, exploit, extortion, malicious, oracle, theft

Researchers said malicious activity dates back to early July and active exploitation was observed two months ago. First seen on cyberscoop.com Jump to article: cyberscoop.com/oracle-customers-attacks-clop-google-mandiant/
Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims

Oct 9, 2025 6:24 PM

Tags: data, data-breach, extortion, government, hacker

70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord’s full response and critical security steps to protect your identity. First seen on hackread.com Jump to article: hackread.com/discord-hackers-id-photos-dismisses-extortion-claim/
Hack of age verification firm may have exposed Discord users’ ID photos

Oct 9, 2025 5:23 PM

Tags: credit-card, data-breach, email, extortion, hacker, password, ransom, service

Names, email addresses and other contact details of about 70,000 global users could also have been takenGovernment ID photos of about 70,000 global users of Discord, a popular messaging and chat platform among video gamers, may have been exposed after hackers compromised a company contracted to carry out age verification checks.Some users’ names, email addresses…
The ultimate business resiliency test: Inside Kantsu’s ransomware response

Oct 9, 2025 10:23 AM

Tags: access, attack, backup, business, cloud, corporate, cyber, cyberattack, data, data-breach, email, extortion, finance, group, insurance, Internet, leak, network, office, ransom, ransomware, risk, service, training, vulnerability, wifi

set up a new group email system and secure emergency contact pointsestablish a dedicated contact point for business partners to handle inquiriesprohibit internal internet accesscheck the operational status of major systemsAll shipping operations came to a halt. The company explained the situation to all employees at 9:00 a.m., and began assessing the damage and taking…
The ultimate business resiliency test: Inside Kantsu’s ransomware response

Oct 9, 2025 10:23 AM

Tags: access, attack, backup, business, cloud, corporate, cyber, cyberattack, data, data-breach, email, extortion, finance, group, insurance, Internet, leak, network, office, ransom, ransomware, risk, service, training, vulnerability, wifi

set up a new group email system and secure emergency contact pointsestablish a dedicated contact point for business partners to handle inquiriesprohibit internal internet accesscheck the operational status of major systemsAll shipping operations came to a halt. The company explained the situation to all employees at 9:00 a.m., and began assessing the damage and taking…
The ultimate business resiliency test: Inside Kantsu’s ransomware response

Oct 9, 2025 10:23 AM

Tags: access, attack, backup, business, cloud, corporate, cyber, cyberattack, data, data-breach, email, extortion, finance, group, insurance, Internet, leak, network, office, ransom, ransomware, risk, service, training, vulnerability, wifi

set up a new group email system and secure emergency contact pointsestablish a dedicated contact point for business partners to handle inquiriesprohibit internal internet accesscheck the operational status of major systemsAll shipping operations came to a halt. The company explained the situation to all employees at 9:00 a.m., and began assessing the damage and taking…
Discord Data Breach Exposes 1.5 TB of Data and 2 Million Government ID Photos

Oct 9, 2025 9:23 AM

Tags: breach, cyber, cybercrime, data, data-breach, extortion, government, service, threat

The popular communication platform Discord is confronting a major extortion attempt after cybercriminals breached one of its third-party customer service providers, compromising sensitive user data including government identification photos used for age verification. Threat actors claim to have exfiltrated1.5 terabytesof sensitive information, including over2.1 million government-issued identification photos. However, Discord disputes these figures, stating that…
Discord Data Breach Exposes 1.5 TB of Data and 2 Million Government ID Photos

Oct 9, 2025 9:23 AM

Tags: breach, cyber, cybercrime, data, data-breach, extortion, government, service, threat

The popular communication platform Discord is confronting a major extortion attempt after cybercriminals breached one of its third-party customer service providers, compromising sensitive user data including government identification photos used for age verification. Threat actors claim to have exfiltrated1.5 terabytesof sensitive information, including over2.1 million government-issued identification photos. However, Discord disputes these figures, stating that…
The Evolution of Chaos: Ransomware’s New Era of Speed and Intelligence

Oct 9, 2025 9:23 AM

Tags: crypto, cyber, extortion, finance, intelligence, ransomware, risk, tactics, theft

In 2025, the notorious Chaos ransomware has undergone a dramatic transformation, emerging with a sophisticated C++ variant that represents the most dangerous iteration to date. This marks the first time Chaos has departed from its traditional .NET foundation, introducing destructive extortion tactics and cryptocurrency theft capabilities that significantly amplify both operational impact and financial risk…
Salesforce says it won’t pay extortion demand in 1 billion records breach

Oct 9, 2025 7:25 AM

Tags: breach, extortion

Scattered LAPSUS$ Hunters gave Salesforce until Friday to pay or else. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/salesforce-says-it-wont-pay-extortion-demand-in-1-billion-records-breach/
Red Hat breach escalates as criminals collaborate on ‘multi-terabyte’ extortion plot

Oct 9, 2025 7:25 AM

Tags: attack, breach, extortion

Bad guys promise not to attack customers if they get paid First seen on theregister.com Jump to article: www.theregister.com/2025/10/07/red_hat_breach_new_claims/
Red Hat breach escalates as criminals collaborate on ‘multi-terabyte’ extortion plot

Oct 9, 2025 7:25 AM

Tags: attack, breach, extortion

Bad guys promise not to attack customers if they get paid First seen on theregister.com Jump to article: www.theregister.com/2025/10/07/red_hat_breach_new_claims/
LockBit, Qilin & DragonForce Join Forces in Ransomware ‘Cartel’

Oct 9, 2025 7:25 AM

Tags: attack, crime, extortion, lockbit, ransomware

The three extortion gangs also invited other e-crime attackers to join their collaboration to share attack information and resources, in the wake of LockBit 5.0 being released. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/extortion-gangs-join-forces-ransomware-cartel
Qilin ransomware claims Asahi brewery attack, leaks data

Oct 8, 2025 8:58 PM

Tags: attack, dark-web, data, extortion, group, leak, ransomware

The Qilin ransomware group has claimed responsibility for the attack at Japanese beer maker Asahi, adding the company to its extortion page on the dark web yesterday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/qilin-ransomware-claims-asahi-brewery-attack-leaks-data/
Qilin ransomware claims Asahi brewery attack, leaks data

Oct 8, 2025 8:58 PM

Tags: attack, dark-web, data, extortion, group, leak, ransomware

The Qilin ransomware group has claimed responsibility for the attack at Japanese beer maker Asahi, adding the company to its extortion page on the dark web yesterday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/qilin-ransomware-claims-asahi-brewery-attack-leaks-data/
Crimson Collective hackers target AWS cloud instances for data theft

Oct 8, 2025 7:58 PM

Tags: cloud, data, extortion, group, hacker, theft

The ‘Crimson Collective’ threat group has been targeting AWS (Amazon Web Services) cloud environments for the past weeks, to steal data and extort companies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/crimson-collective-hackers-target-aws-cloud-instances-for-data-theft/
Take this rob and shove it! Salesforce issues stern retort to ransomware extort

Oct 8, 2025 7:58 PM

Tags: extortion, ransomware

CRM giant ‘will not engage, negotiate with, or pay’ the scumbags First seen on theregister.com Jump to article: www.theregister.com/2025/10/08/salesforce_refuses_to_pay_ransomware/
Salesforce refuses to submit to extortion demands linked to hacking campaigns

Oct 8, 2025 6:58 PM

Tags: extortion, hacking

The company said it is aware of recent claims, but will not negotiate or pay a ransom. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesforce-refuses-extortion-demands-hacking/802355/
Salesforce refuses to submit to extortion demands linked to hacking campaigns

Oct 8, 2025 6:58 PM

Tags: extortion, hacking

The company said it is aware of recent claims, but will not negotiate or pay a ransom. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesforce-refuses-extortion-demands-hacking/802355/
Salesforce refuses to submit to extortion demands linked to hacking campaigns

Oct 8, 2025 6:58 PM

Tags: extortion, hacking

The company said it is aware of recent claims, but will not negotiate or pay a ransom. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesforce-refuses-extortion-demands-hacking/802355/
Purdue 2.0? : Rising to the Challenge to secure OT with Zero Trust Connectivity

Oct 8, 2025 3:58 PM

Tags: access, ai, attack, automation, breach, cloud, compliance, control, corporate, csf, cyber, cybercrime, cybersecurity, data, defense, detection, dns, email, endpoint, espionage, exploit, extortion, firewall, firmware, framework, incident response, infrastructure, intelligence, Internet, iot, malicious, malware, mitre, monitoring, network, nist, organized, phishing, ransomware, resilience, risk, service, siem, soc, software, spear-phishing, supply-chain, tactics, technology, theft, threat, tool, unauthorized, update, vpn, vulnerability, zero-trust

Our connected world is getting dangerously messy. Demands on the effective protection of OT environments has never been greater than it is today. This is only growing. Cybercrime is becoming more organized with RaaS and the internal threat is enhanced by huge payouts of initial access brokers. Additionally, Nation States are posturing for cyber war…
Purdue 2.0? : Rising to the Challenge to secure OT with Zero Trust Connectivity

Oct 8, 2025 3:58 PM

Tags: access, ai, attack, automation, breach, cloud, compliance, control, corporate, csf, cyber, cybercrime, cybersecurity, data, defense, detection, dns, email, endpoint, espionage, exploit, extortion, firewall, firmware, framework, incident response, infrastructure, intelligence, Internet, iot, malicious, malware, mitre, monitoring, network, nist, organized, phishing, ransomware, resilience, risk, service, siem, soc, software, spear-phishing, supply-chain, tactics, technology, theft, threat, tool, unauthorized, update, vpn, vulnerability, zero-trust

Our connected world is getting dangerously messy. Demands on the effective protection of OT environments has never been greater than it is today. This is only growing. Cybercrime is becoming more organized with RaaS and the internal threat is enhanced by huge payouts of initial access brokers. Additionally, Nation States are posturing for cyber war…
Teenagers arrested in England over cyberattack on nursery chain Kido

Oct 8, 2025 2:58 PM

Tags: cyberattack, extortion

London’s Metropolitan Police announced the arrests of two 17-year-old boys who are under questioning in relation to the hack and extortion of the Kido chain. First seen on therecord.media Jump to article: therecord.media/kido-nursery-school-chain-hack-arrests-britain
Teenagers arrested in England over cyberattack on nursery chain Kido

Oct 8, 2025 2:58 PM

Tags: cyberattack, extortion

London’s Metropolitan Police announced the arrests of two 17-year-old boys who are under questioning in relation to the hack and extortion of the Kido chain. First seen on therecord.media Jump to article: therecord.media/kido-nursery-school-chain-hack-arrests-britain