Tag: extortion
-
Dell demonstration platform breached by World Leaks extortion group
Tags: access, attack, breach, data, data-breach, defense, encryption, exploit, extortion, finance, group, insurance, international, leak, network, ransomware, risk, risk-management, strategy, threat, toolLimited impact but strategic implications: Dell emphasized that the breached platform is architecturally separated from customer-facing networks and internal production systems. “Data used in the solution center is primarily synthetic (fake) data, publicly available datasets used solely for product demonstration purposes or Dell scripts, systems data, non-sensitive information, and testing outputs,” the report added, quoting…
-
Demo-Plattform eines US-Computer-Herstellers gehackt
Dell confirms breach of test lab platform by World Leaks extortion group First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dell-confirms-breach-of-test-lab-platform-by-world-leaks-extortion-group/
-
Dell Data Breach World Leaks Group Hacks Test Lab Platform
Dell Technologies has acknowledged a significant security incident involving its Customer Solution Centers platform, with the World Leaks extortion group successfully infiltrating the isolated demonstration environment used for showcasing products to commercial clients. The breach, which occurred earlier this month, represents another high-profile attack by the newly rebranded threat actor formerly known as Hunters International.…
-
Dell confirms breach of test lab platform by World Leaks extortion group
A newly rebranded extortion gang known as “World Leaks” breached one of Dell’s product demonstration platforms earlier this month and is now trying to extort the company into paying a ransom. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dell-confirms-breach-of-test-lab-platform-by-world-leaks-extortion-group/
-
UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations
UNC6148 targets SonicWall devices with Overstep malware, using a backdoor and rootkit for data theft, extortion, or ransomware. Google’s Threat Intelligence Group warns that a threat actor tracked as UNC6148 has been targeting SonicWall SMA appliances with new malware dubbed Overstep. Active since at least October 2024, the group uses a backdoor and user-mode rootkit…
-
Louis Vuitton says regional data breaches tied to same cyberattack
Luxury fashion giant Louis Vuitton confirmed that breaches impacting customers in the UK, South Korea, and Turkey stem from the same security incident, which is believed to be linked to the ShinyHunters extortion group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/louis-vuitton-says-regional-data-breaches-tied-to-same-cyberattack/
-
21-year-old former US soldier pleads guilty to hacking, extorting telecoms
Cameron John Wagenius faces up to 27 years in prison after pleading guilty to wire fraud, extortion and aggravated identity theft in data breaches involving major corporations. First seen on therecord.media Jump to article: therecord.media/cameron-john-wagenius-former-us-soldier-guilty-plea-hacking
-
Ex US Soldier Cameron Wagenius Guilty in Telecom Hacking and Extortion
Former US Army soldier Cameron Wagenius pleads guilty to hacking telecom companies and extorting $1 million+ using cybercrime forums like BreachForums and XSS. First seen on hackread.com Jump to article: hackread.com/us-soldier-cameron-wagenius-guilty-telecom-hacking-extortion/
-
Former US Army member confesses to Telecom hack and extortion conspiracy
A former US Army soldier pleaded guilty to hacking telecom databases, stealing data, and extorting companies by threatening to release the stolen info. A former Army soldier, Cameron John Wagenius (21) pleaded guilty to conspiring to hack telecom companies’ databases, steal sensitive records, and extort victims by threatening to release stolen data unless ransoms were…
-
Former U.S. Army Member Pleads Guilty in Telecom Hacking Case
A 21-year-old former U.S. Army soldier has pleaded guilty to participating in a sophisticated cybercrime operation that targeted telecommunications companies through hacking, data theft, and extortion schemes. Cameron John Wagenius, who was stationed in Texas during his military service, admitted to conspiring with others to breach protected computer networks and demand ransom payments from victim…
-
US Army soldier pleads guilty to hacking telcos and extortion
Cameron Wagenius had already pleaded guilty to other charges earlier this year. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/15/us-army-soldier-pleads-guilty-to-hacking-telcos-and-extortion/
-
Ex-US soldier who Googled ‘can hacking be treason’ pleads guilty to extortion
File this one under what not to search if you’ve committed a crime First seen on theregister.com Jump to article: www.theregister.com/2025/07/15/solider_hacking_guilty/
-
GLOBAL GROUP RaaS Adds AI-Powered Negotiation Feature for Ransom Demands
A newly surfaced Ransomware-as-a-Service operation, dubbed GLOBAL GROUP, has begun deploying an AI”driven negotiation tool that elevates the psychological pressure on victims and streamlines extortion workflows for affiliates. Security researchers at EclecticIQ first identified GLOBAL GROUP’s activity in early June on the Ramp4u underground forum, where the threat actor known as “$$$” shared an onion…
-
How defenders use the dark web
Tags: access, antivirus, attack, breach, corporate, credit-card, crypto, cyber, cybercrime, dark-web, data, data-breach, email, extortion, finance, fraud, government, group, hacker, healthcare, identity, incident, insurance, intelligence, Internet, interpol, law, leak, lockbit, mail, malware, monitoring, network, phishing, ransom, ransomware, service, software, theft, threat, tool, usa, vpnAttributing attacks to threat actors: When organizations suffer from data breaches and cyber incidents, the dark web becomes a crucial tool for defenders, including the impacted businesses, their legal teams, and negotiators.Threat actors such as ransomware groups often attack organizations to encrypt and steal their data so they can extort them for money, in exchange…
-
Qilin Leads in Exploiting Unpatched Fortinet Vulnerabilities
The Qilin group has surged to prominence by aggressively exploiting critical vulnerabilities in Fortinet devices, underscoring a broader trend of sophisticated cyber extortion tactics targeting data-dependent sectors. Global ransomware victims dropped to 463, a 15% decline from May’s 545, yet the intensity of attacks remained high, with Qilin claiming 81 victims through opportunistic intrusions leveraging…
-
Iranian ransomware group offers bigger payouts for attacks on Israel, US
The Iran-linked ransomware-as-a-service group Pay2Key.I2P reportedly told affiliates that they can keep a larger cut of extortion payments if they attack entities within Iran’s adversaries. First seen on therecord.media Jump to article: therecord.media/iran-ransomware-group-pay2keyi2p-israel-us-targets
-
Ransomware Attack Halts Ingram Micro Operations
SafePay Ransomware Blamed for Prolonged System Outage. Global tech distributor and service provider Ingram Micro confirmed days after a widespread IT outage that a ransomware attack disrupted internal systems. The firm disclosed the incident following reports that extortion demands associated with SafePay ransomware appeared on employee devices. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ransomware-attack-halts-ingram-micro-operations-a-28908
-
Hunters International Is Not Shutting Down, It’s Rebranding
Some admins of Hunters International are now part of the encryption-less cyber extortion group World Leaks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-hunters-international/
-
Hunters International shuts ransomware operations, reportedly becomes an extortion-only gang
This story has been updated with comments from the SANS Institute and KnowBe4.Next read this:The most notorious and damaging ransomware of all timeRansomware recovery: 8 steps to successfully restore from backupThe dirty dozen: 12 worst ransomware groups active todayThe state of ransomware: Faster, smarter, and meanerRansomware gangs extort victims 17 hours after intrusion on average>>…
-
Hunters International shuts ransomware operations, reportedly becomes an extortion-only gang called World Leaks
The most notorious and damaging ransomware of all timeRansomware recovery: 8 steps to successfully restore from backupThe dirty dozen: 12 worst ransomware groups active todayThe state of ransomware: Faster, smarter, and meanerRansomware gangs extort victims 17 hours after intrusion on average>> First seen on csoonline.com Jump to article: www.csoonline.com/article/4016974/hunters-international-shuts-ransomware-operations-reportedly-becomes-an-extortion-only-gang-called-world-leaks.html
-
Ein widerstandsfähiges SOC aufbauen
Warum es so wichtig ist zu den Grundlagen zurückzukehren. Oft passiert das Folgende in Unternehmen: Es gibt einen neuen Bedrohungsbericht über einen möglichen Angreifer und das SOC (Security Operation Center) beginnt mit der Suche nach Taktiken, Techniken und Verfahren (TTPs) ohne etwas zu finden. Zwei Monate später erpresst derselbe Angreifer das Unternehmen mit gestohlenen Daten….…
-
Scattered Spider Tactics Include Data Theft, Extortion: CrowdStrike
Threat researchers from CrowdStrike are pointing to Scattered Spider’s focus on more than just traditional ransomware attacks, as experts have separately linked the threat group to a data theft attack against Australian airline Qantas. First seen on crn.com Jump to article: www.crn.com/news/security/2025/scattered-spider-tactics-include-data-theft-extortion-crowdstrike
-
DOJ investigates ex-ransomware negotiator over extortion kickbacks
An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/doj-investigates-ex-ransomware-negotiator-over-extortion-kickbacks/
-
Ransomware-Attacke auf Welthungerhilfe
Cyberkriminelle haben die Systeme der Welthungerhilfe gehackt.Die Welthungerhilfe zählt zu den größten gemeinnützigen Organisationen in Deutschland. Die Cyberbande Rhysida hat kürzlich einen Darknet-Post mit mehreren Datenkopien veröffentlicht, die angeblich von der Welthungerhilfe stammen.Eine Sprecherin der Hilfsorganisation bestätigte gegenüber CSO, dass es am 23. Mai 2025 zu einem Cyberangriff kam. Daraufhin seien die betroffenen Systeme sofort…
-
Ein widerstandsfähiges Security-Operations-Center aufbauen
Oft passiert das Folgende in Unternehmen: Es gibt einen neuen Bedrohungsbericht über einen möglichen Angreifer und das SOC (Security-Operations-Center) beginnt mit der Suche nach Taktiken, Techniken und Verfahren (TTPs) ohne etwas zu finden. Zwei Monate später erpresst derselbe Angreifer das Unternehmen mit gestohlenen Daten. An diesem Beispiel sieht man gut, wie das SOC aufgrund zu…
-
Bankers Association’s Attack on Cybersecurity Transparency
Tags: attack, awareness, banking, breach, ciso, control, cybersecurity, data, extortion, finance, group, incident response, infrastructure, insurance, law, malicious, ransomware, riskA coalition of banking industry associations, including SIFA, the American Bankers Association (ABA), Bank Policy Institute (BPI), and several other lobbying groups have made a disgraceful appeal to the SEC to eliminate the rule requiring public disclosure of material cybersecurity incidents within four days of detection. This rule was established to ensure shareholders are properly…
-
Bridewell report indicates rise in lone wolf ransomware actors
Tags: attack, cybersecurity, data, encryption, extortion, ransomware, service, strategy, theft, threatBridewell, a UK-based cybersecurity services company, has released its latest CTI Annual Report a comprehensive deep dive into ransomware trends. It highlighted a significant shift in attack strategies, payment dynamics and threat actor behaviours, revealing that data theft and extortion have overtaken traditional encryption-only ransomware as the most successful approach for attackers. While encryption-based The…
-
Dire Wolf Ransomware Comes Out Snarling, Bites Technology, Manufacturing
The emerging group has already gotten its teeth into 16 victims since May with its double extortion tactics, claiming victims in 11 countries, including the US, Thailand, and Taiwan. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/dire-wolf-ransomware-manufacturing-technology
-
Fewer ransomware attacks encrypting data, report finds
Hackers are increasingly performing extortion-only attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-extortion-only-encryption-sophos-report/751293/
-
Fewer ransomware attacks encrypting data, new report finds
Hackers are increasingly performing extortion-only attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-extortion-only-encryption-sophos-report/751293/