Tag: extortion
-
Scattered Spider Tactics Include Data Theft, Extortion: CrowdStrike
Threat researchers from CrowdStrike are pointing to Scattered Spider’s focus on more than just traditional ransomware attacks, as experts have separately linked the threat group to a data theft attack against Australian airline Qantas. First seen on crn.com Jump to article: www.crn.com/news/security/2025/scattered-spider-tactics-include-data-theft-extortion-crowdstrike
-
DOJ investigates ex-ransomware negotiator over extortion kickbacks
An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/doj-investigates-ex-ransomware-negotiator-over-extortion-kickbacks/
-
Ransomware-Attacke auf Welthungerhilfe
Cyberkriminelle haben die Systeme der Welthungerhilfe gehackt.Die Welthungerhilfe zählt zu den größten gemeinnützigen Organisationen in Deutschland. Die Cyberbande Rhysida hat kürzlich einen Darknet-Post mit mehreren Datenkopien veröffentlicht, die angeblich von der Welthungerhilfe stammen.Eine Sprecherin der Hilfsorganisation bestätigte gegenüber CSO, dass es am 23. Mai 2025 zu einem Cyberangriff kam. Daraufhin seien die betroffenen Systeme sofort…
-
Ein widerstandsfähiges Security-Operations-Center aufbauen
Oft passiert das Folgende in Unternehmen: Es gibt einen neuen Bedrohungsbericht über einen möglichen Angreifer und das SOC (Security-Operations-Center) beginnt mit der Suche nach Taktiken, Techniken und Verfahren (TTPs) ohne etwas zu finden. Zwei Monate später erpresst derselbe Angreifer das Unternehmen mit gestohlenen Daten. An diesem Beispiel sieht man gut, wie das SOC aufgrund zu…
-
Bankers Association’s Attack on Cybersecurity Transparency
Tags: attack, awareness, banking, breach, ciso, control, cybersecurity, data, extortion, finance, group, incident response, infrastructure, insurance, law, malicious, ransomware, riskA coalition of banking industry associations, including SIFA, the American Bankers Association (ABA), Bank Policy Institute (BPI), and several other lobbying groups have made a disgraceful appeal to the SEC to eliminate the rule requiring public disclosure of material cybersecurity incidents within four days of detection. This rule was established to ensure shareholders are properly…
-
Bridewell report indicates rise in lone wolf ransomware actors
Tags: attack, cybersecurity, data, encryption, extortion, ransomware, service, strategy, theft, threatBridewell, a UK-based cybersecurity services company, has released its latest CTI Annual Report a comprehensive deep dive into ransomware trends. It highlighted a significant shift in attack strategies, payment dynamics and threat actor behaviours, revealing that data theft and extortion have overtaken traditional encryption-only ransomware as the most successful approach for attackers. While encryption-based The…
-
Dire Wolf Ransomware Comes Out Snarling, Bites Technology, Manufacturing
The emerging group has already gotten its teeth into 16 victims since May with its double extortion tactics, claiming victims in 11 countries, including the US, Thailand, and Taiwan. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/dire-wolf-ransomware-manufacturing-technology
-
Fewer ransomware attacks encrypting data, report finds
Hackers are increasingly performing extortion-only attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-extortion-only-encryption-sophos-report/751293/
-
Fewer ransomware attacks encrypting data, new report finds
Hackers are increasingly performing extortion-only attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-extortion-only-encryption-sophos-report/751293/
-
Successful Military Attacks are Driving Nation States to Cyber Options
Tags: attack, china, communications, computing, cyber, cyberattack, cybersecurity, data, defense, exploit, extortion, finance, fraud, government, healthcare, infrastructure, iran, korea, middle-east, military, north-korea, russia, service, tactics, technology, tool, ukraine, vulnerability, warfareWith daring military attacks, kinetic warfare is shifting the balance of power in regions across the globe, upending the perception of power projection. Powerful nations are reeling from the impacts of bold assaults and seeking additional methods to drive foreign policy”Š”, “Šcyber may look as an appealing asymmetric warfare capability that is worth doubling-down on.…
-
Qilin ransomware strengthens data extortion tactics
First seen on scworld.com Jump to article: www.scworld.com/brief/qilin-ransomware-strengthens-data-extortion-tactics
-
Qilin offers >>Call a lawyer<< button for affiliates attempting to extort ransoms from victims who won't pay
Imagine for one moment that you are a cybercriminal. First seen on tripwire.com Jump to article: www.tripwire.com/state-of-security/qilin-offers-call-lawyer-button-affiliates-attempting-extort-ransoms-victims
-
Qilin Ransomware Rises as Major Threat, Demanding $50M in Ransom
The global cybersecurity landscape is facing a seismic shift as the Qilin ransomware group, also known as Agenda, has surged to the forefront of digital extortion, demanding ransoms as high as $50 million and disrupting critical services worldwide. Once an obscure player, Qilin has rapidly evolved into the most prevalent and technically sophisticated ransomware operation…
-
Anubis Ransomware Adds Wiper Capability, for Unclear Reasons
Move Raises Possibility Group Isn’t Just Marketing Its Malware to Criminals Up-and-coming ransomware group Anubis has tweaked its malware to irrevocably wipe victims’ data – an unusual tactic from hackers whose typical corrupt bargain is restored data in exchange for extortion money. Why would a ransomware attacker seeking leverage in negotiations ever do this? First…
-
Scania confirms insurance claim data breach in extortion attempt
Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its systems and steal insurance claim documents. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/scania-confirms-insurance-claim-data-breach-in-extortion-attempt/
-
Operation 999: Ransomware tabletop tests cyber execs’ response
Tags: access, attack, blueteam, breach, computer, conference, cyber, cyberattack, cybersecurity, data, data-breach, extortion, group, hacker, incident, incident response, infrastructure, leak, military, network, ransom, ransomware, RedTeam, resilience, risk, service, threat, tool, trainingExtortion attempts rebuffed: As the exercise moved on, the blue team refuse to pay a ransom after consulting with the authorities, legal teams, and crisis management experts. Instead of upping the ante by threatening to sabotage the water treatment algorithms or chemical pumps, potentially tainting the supply, the attackers decide to leak customer records online…
-
Ransomware Group Threatens to Dump Paraguayan Citizens’ Data
7.2 Million Individuals’ Personal Data Being Held to Ransom by Threat Actor. A data-leak group extortion is shaking down the government of Paraguay for a ransom payment worth $7.4 million, or $1 for every one of the country’s citizens. The group, calling itself Brigada Cyber PMC, claims the stolen data includes people’s personally identifiable information.…
-
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
Ransomware gangs leveraged a vulnerability to access unpatched versions of SimpleHelp’s remote monitoring and management tool to disrupt services in double extortion compromises. First seen on therecord.media Jump to article: therecord.media/cisa-warns-of-simplehelp-ransomware-compromises
-
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management (RMM) instances to compromise customers of an unnamed utility billing software provider.”This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp First seen on thehackernews.com Jump to…
-
United Natural Foods, distributor for Whole Foods Market, hit by cyberattack
The incident follows a spree of ransomware and extortion attacks targeting multiple U.S.- and U.K.-based retailers, including grocery stores. The logistics company said its operations are impacted. First seen on cyberscoop.com Jump to article: cyberscoop.com/united-natural-foods-whole-foods-distributor-cyberattack/
-
Stolen Ticketmaster data from Snowflake attacks briefly for sale again
The Arkana Security extortion gang briefly listed over the weekend what appeared to be newly stolen Ticketmaster data but is instead the data stolen during the 2024 Snowflake data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/stolen-ticketmaster-data-from-snowflake-attacks-briefly-for-sale-again/
-
Instagram-Konto eines Tierschutzvereins aus Deutschland gehackt
Hacker erpresst Tierschützer: Angst um Hunde in Tötungsstationen First seen on waz.de Jump to article: www.waz.de/lokales/duisburg/article409187135/hacker-erpresst-tierschuetzer-angst-um-hunde-in-toetungsstationen.html
-
Cyberangriff auf eine Gemeinde in Niedersachsen, Deutschland
Versuchte Erpressung mit Cyberangriff in Ostercappeln: Was über den Vorfall bekannt ist First seen on noz.de Jump to article: www.noz.de/lokales/ostercappeln/artikel/nach-cyberangriff-auf-das-rathaus-ostercappeln-so-ist-der-stand-48809007
-
Data extortion attacks hit Salesforce customers
First seen on scworld.com Jump to article: www.scworld.com/brief/data-extortion-attacks-hit-salesforce-customers
-
Hackers Are Stealing Salesforce Data, Google Warns
By Christy Lynch This post summarizes the June 4, 2025 threat intelligence update from Google and offers additional recommendations from Reveal Security based on similar and recently observed attack patterns targeting SaaS applications and cloud infrastructure. Reveal Security monitors the overall cyber landscape for unique threats that can evade legacy detection methodologies. This UNC6040 campaign…
-
Members of ViLE Hacker Group Arrested for Hacking DEA Portal
Two members of the cybercriminal group “ViLE” were sentenced this week in Brooklyn federal court for their roles in a high-profile hacking and extortion scheme targeting a U.S. federal law enforcement web portal. Sagar Steven Singh, known online as “Weep,” received a 27-month prison sentence, while Nicholas Ceraolo, also known as “Convict,” “Anon,” and “Ominous,”…
-
ViLE gang members sentenced for DEA portal breach, extortion
Two members of a group of cybercriminals named ViLE were sentenced this week for hacking into a federal law enforcement web portal in an extortion scheme. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vile-gang-members-sentenced-for-breaching-law-enforcement-portal/
-
ViLE gang members sentenced for extortion, police portal breach
Two members of a group of cybercriminals named ViLE were sentenced this week for hacking into a federal law enforcement web portal in an extortion scheme. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vile-gang-members-sentenced-for-breaching-law-enforcement-portal/