Tag: extortion

ViLE gang members sentenced for extortion, police portal breach

Jun 5, 2025 11:55 AM

Tags: breach, cybercrime, extortion, group, hacking, law

Two members of a group of cybercriminals named ViLE were sentenced this week for hacking into a federal law enforcement web portal in an extortion scheme. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vile-gang-members-sentenced-for-breaching-law-enforcement-portal/
Play ransomware crims exploit SimpleHelp flaw in double-extortion schemes

Jun 5, 2025 1:54 AM

Tags: exploit, extortion, flaw, phone, ransomware, threat

Recompiled binaries and phone threats used to boost the pressure First seen on theregister.com Jump to article: www.theregister.com/2025/06/04/play_ransomware_infects_900_victims/
Hackers abuse malicious version of Salesforce tool for data theft, extortion

Jun 4, 2025 5:55 PM

Tags: data, extortion, group, hacker, malicious, phishing, theft, threat, tool

A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/hackers-abuse-salesforce-tool-extortion/749790/
Google warns of cybercriminals targeting Salesforce app to steal data, extort companies

Jun 4, 2025 5:55 PM

Tags: cybercrime, data, extortion, google, tool

Researchers at Google said the current campaign involving versions of the Salesforce Data Loader tool has targeted about 20 organizations and is ongoing. First seen on therecord.media Jump to article: therecord.media/google-warns-cybercriminals-targeting-salesforce-apps
Fake IT support calls hit 20 orgs, end in stolen Salesforce data and extortion, Google warns

Jun 4, 2025 5:55 PM

Tags: breach, data, extortion, google

Victims include hospitality, retail and education sectors First seen on theregister.com Jump to article: www.theregister.com/2025/06/04/fake_it_support_calls_hit/
Hackers use Vishing to breach Salesforce customers and swipe data

Jun 4, 2025 4:55 PM

Tags: access, attack, authentication, best-practice, breach, cloud, data, extortion, group, hacker, least-privilege, malware, mfa, microsoft, monitoring, network, okta, service, social-engineering, tactics, threat, tool

Lateral movement for further extortion: After breaching Salesforce, the group moves laterally across cloud services, targeting tools like Okta, Microsoft 365, and Workplace to widen the scope of the breach.Researchers point out that, in some cases, extortion attempts have surfaced months after the initial intrusion, with the threat actors even claiming ties to the infamous…
Hackers target Salesforce accounts in data extortion attacks

Jun 4, 2025 4:55 PM

Tags: attack, data, extortion, google, group, hacker, social-engineering

Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organizations’ Salesforce platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-hackers-target-salesforce-accounts-in-data-extortion-attacks/
Ransomware-Bande erpresst Volkswagen

Jun 2, 2025 3:54 PM

Tags: access, authentication, cyberattack, dark-web, data, extortion, germany, group, hacker, intelligence, ransomware, threat

Im Darknet ist ein Hinweis auf einen Datendiebstahl bei der Volkswagen Gruppe aufgetaucht.Die Volkswagen Gruppe mit Sitz in Wolfsburg zählt weltweit zu den größten Autokonzernen und ist damit ein attraktives Ziel für Cyberkriminelle. Die Ransomware-Bande Stormous veröffentlichte kürzlich einen Darknet-Post mit angeblich geleakten Volkswagen-Daten. Wie die Threat-Intelligence-Experten von FalconFeeds berichten, soll es sich dabei unter…
Cybersecurity Snapshot: New Standard for AI System Security Published, While Study Finds Cyber Teams Boost Value of Business Projects

May 31, 2025 6:55 AM

Tags: access, ai, attack, authentication, awareness, best-practice, breach, business, ceo, ciso, cloud, compliance, computer, conference, control, cyber, cybersecurity, data, email, extortion, framework, group, guide, hacker, Hardware, intelligence, Internet, kubernetes, law, linux, login, metric, mfa, microsoft, mobile, phishing, ransom, ransomware, risk, service, software, supply-chain, technology, threat, tool, unauthorized, update, windows

Check out ETSI’s new global standard for securing AI systems and models. Plus, learn how CISOs and their teams add significant value to orgs’ major initiatives. In addition, discover what webinar attendees told Tenable about their cloud security challenges. And get the latest on properly decommissioning tech products; a cyber threat targeting law firms; and…
Australian ransomware victims now must tell the government if they pay up

May 30, 2025 2:55 PM

Tags: country, extortion, government, ransomware

Australia is now the first country to require ransomware victims to report if they make any extortion payments to their attackers. First seen on therecord.media Jump to article: therecord.media/australia-ransomware-victims-must-report-payments
‘Everest Group’ Extorts Global Orgs via SAP’s HR Tool

May 30, 2025 7:55 AM

Tags: attack, breach, extortion, group, sap, tool

In addition to Coca-Cola, entities in Abu Dhabi, Jordan, Namibia, South Africa, and Switzerland are experiencing extortion attacks, all involving stolen SAP SuccessFactor data. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/everest-group-extorts-global-orgs-hr-tool
6 rising malware trends every security pro should know

May 29, 2025 8:55 AM

Tags: adobe, ai, antivirus, apple, attack, awareness, backdoor, business, captcha, cloud, corporate, cybercrime, data, defense, detection, encryption, endpoint, exploit, extortion, framework, group, hacking, incident response, infrastructure, intelligence, Internet, law, leak, macOS, malicious, malware, network, password, phishing, powershell, programming, pypi, ransom, ransomware, service, social-engineering, software, supply-chain, tactics, theft, threat, tool, update, vulnerability, worm

Malicious packages targeting developer environments: Threat actors are systematically compromising the software supply chain by embedding malicious code within legitimate development tools, libraries, and frameworks that organizations use to build applications.”These supply chain attacks exploit the trust between developers and package repositories,” Immersive’s McCarthy tells CSO. “Malicious packages often mimic legitimate ones while running harmful…
Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore

May 28, 2025 8:55 PM

Tags: attack, computer, extortion, hacker, international, iran, network, ransom, ransomware

An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware.Sina Gholinejad (aka Sina Ghaaf), 37, and his co-conspirators are said to have breached the computer networks of various organizations in the United States and encrypted files with Robbinhood ransomware to demand Bitcoin…
Hacker stehlen Coca-Cola-Daten

May 28, 2025 3:55 PM

Tags: access, cyberattack, dark-web, data-breach, extortion, hacker, ransom, ransomware

Der Coca-Cola-Abfüller Coca-Cola Europacific Partners ist von einem Datenleck betroffen.Cyberkriminelle behaupten in einem Darknet-Post, mehr als 64 Gigabyte Daten mit 23 Millionen Einträgen von Coca-Cola Europacific Partners gestohlen zu haben. Darunter befinden sich demnach Kundendaten und Kontaktinformationen, Verkaufsfälle und Produktdaten, Lieferadressen und Telefonnummern sowie Bestellnummern und Zusammenfassungen.Der Coca-Cola-Produzent hat sich bisher noch nicht offiziell zu…
Iranian pleads guilty to launching Baltimore ransomware attack, faces 30 years behind bars

May 27, 2025 10:54 PM

Tags: attack, extortion, iran, ransom, ransomware

Sina Gholinejad admitted to using the Robbinhood ransomware variant to extort ransom payments from dozens of victims. First seen on therecord.media Jump to article: therecord.media/iranian-years-decades-guilty-ransomware
Cancer Center Pays Patients $11.5M in Double-Extortion Hack

May 27, 2025 10:54 PM

Tags: attack, extortion, hacker, ransomware

Some Patients Threatened Directly by Hackers; Center to Spend $13.5M on Security. A Seattle cancer center has agreed to pay $11.5 million to settle a proposed class action lawsuit involving a 2023 double-extortion ransomware attack that affected 2.1 million people, with some patients directly threatened by hackers with swatting attacks if they didn’t pay a…
Iranian pleads guilty to RobbinHood ransomware attacks, faces 30 years

May 27, 2025 9:54 PM

Tags: attack, breach, data, extortion, iran, network, ransomware

An Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and encrypt devices of U.S. cities and organizations in an attempt to extort millions of dollars over a five-year span. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/iranian-pleads-guilty-to-robbinhood-ransomware-attacks-faces-30-years/
FBI: Silent Ransom Group Adopts Vishing Campaign Against Law Firms

May 27, 2025 7:54 PM

Tags: extortion, group, law, ransom, ransomware, tactics

The non-ransomware extortion group has switched up tactics and victimology in a deliberate and focused campaign similar to those of other attackers focused on stealing sensitive data. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/fbi-silent-ransom-group-vishing-law-firms
Hackers Are Calling Your Office: FBI Alerts Law Firms to Luna Moth’s Stealth Phishing Campaign

May 27, 2025 10:54 AM

Tags: access, attack, data, email, extortion, hacker, law, office, phishing, social-engineering, technology

The U.S. Federal Bureau of Investigation (FBI) has warned of social engineering attacks mounted by a criminal extortion actor known as Luna Moth targeting law firms over the past two years.The campaign leverages “information technology (IT) themed social engineering calls, and callback phishing emails, to gain remote access to systems or devices and steal sensitive…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 46

May 25, 2025 4:54 PM

Tags: attack, extortion, international, malicious, malware, pypi, ransomware, tool

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang RVTools Bumblebee Malware Attack How a Trusted IT Tool Became a Malware Delivery Vector Malicious ‘Checker’ Packages on PyPI Probe TikTok and Instagram for Valid Accounts […]…
Silent Ransom Group targeting law firms, the FBI warns

May 24, 2025 6:55 PM

Tags: extortion, group, law, phishing, ransom, social-engineering

FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback phishing and social engineering extortion tactics. The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. law firms using phishing and social engineering. Linked to BazarCall campaigns, the group previously…
FBI warns of Luna Moth extortion attacks targeting law firms

May 23, 2025 5:55 PM

Tags: attack, extortion, group, law, phishing, ransom, social-engineering

The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in callback phishing and social engineering attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-of-luna-moth-extortion-attacks-targeting-law-firms/
BKA gelingt Schlag gegen Cyberkriminelle

May 23, 2025 9:55 AM

Tags: cybercrime, extortion, germany, international, usa

Im Rahen der “Operation Endgame” wurden die derzeit einflussreichsten Schadsoftware-Varianten vom Netz genommen. BKASicherheitsbehörden ist ein Schlag gegen die weltweite Cyberkriminalität gelungen. Im Laufe dieser Woche seien dank der “Operation Endgame” die derzeit einflussreichsten Schadsoftware-Varianten vom Netz genommen und die dahinterstehenden Täter identifiziert worden, teilte das Bundeskriminalamt (BKA) mit.Von den insgesamt 37 identifizierten Akteuren werden…
19-Year-Old Admits to PowerSchool Data Breach Extortion

May 22, 2025 1:56 PM

Tags: breach, cyber, data, data-breach, extortion

A 19-year-old college student faces charges after pleading guilty to cyber extortion targeting PowerSchool, exposing data of 60… First seen on hackread.com Jump to article: hackread.com/19-year-old-admits-powerschool-data-breach-extortion/
US teen to plead guilty to extortion attack against PowerSchool

May 21, 2025 11:54 PM

Tags: attack, extortion

The 19-year-old and a partner first tried to extort an unnamed telco, but failed First seen on theregister.com Jump to article: www.theregister.com/2025/05/21/teenager_extortion_powerschool/
‘Deep concern’ for domestic abuse survivors as cybercriminals expected to publish confidential refuge addresses

May 21, 2025 5:55 PM

Tags: cybercrime, data, extortion, government, vulnerability

A data extortion incident impacting the British government’s Legal Aid Agency could have serious implications for vulnerable people. First seen on therecord.media Jump to article: therecord.media/concern-domestic-survivors-breach-london
19-Year-Old Hacker Admits Guilt in Major Cyberattack on PowerSchool

May 21, 2025 2:54 PM

Tags: access, computer, cyber, cyberattack, data, extortion, hacker, software, theft, unauthorized

Massachusetts college student stands accused of orchestrating a sweeping cyberattack on PowerSchool, a widely used educational software provider, resulting in the theft of confidential data from millions of students and teachers. The accused, Matthew D. Lane, age 19, has agreed to plead guilty to federal charges encompassing cyber extortion, unauthorized access to protected computers, and…
US Teen to Plead Guilty in PowerSchool Extortion Campaign

May 21, 2025 1:54 PM

Tags: breach, data, extortion

The 19-year-old and his accomplices obtained key data for the extortion scheme in a 2022 breach of a US telco First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-teen-plead-guilty-powerschool/
PowerSchool hacker pleads guilty to student data extortion scheme

May 21, 2025 1:54 AM

Tags: cyberattack, data, extortion, hacker

A 19-year-old college student from Worcester, Massachusetts, has agreed to plead guilty to a massive cyberattack on PowerSchool that extorted millions of dollars in exchange for not leaking the personal data of millions of students and teachers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/powerschool-hacker-pleads-guilty-to-student-data-extortion-scheme/
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang

May 20, 2025 10:54 AM

Tags: cybersecurity, extortion, malware, ransomware

Cybersecurity Observatory of the Unipegaso’s malware lab published a detailed analysis of the Sarcoma ransomware. It is with great pleasure and honor that I present the first report produced by the Malware Analysis Lab, led by Luigi Martire. The lab was established within the Cybersecurity Observatory of the Unipegaso University, which I have the privilege…