Tag: extortion
-
FBI Warns: Threat Actors Impersonating BianLian Group to Target Corporate Executives
The Federal Bureau of Investigation (FBI) issued a critical alert through its Internet Crime Complaint Center (IC3) warning of a novel cyber extortion campaign targeting corporate executives. Criminal actors impersonating the notorious BianLian ransomware group are leveraging physical mail to deliver threatening letters demanding Bitcoin payments under the guise of data exfiltration. The Cybersecurity and…
-
Emulating the Relentless RansomHub Ransomware
AttackIQ has released a new attack graph emulating the behaviors exhibited by RansomHub ransomware since its emergence in February 2024. This sophisticated ransomware employs double extortion techniques and shares notable similarities with Knight ransomware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/emulating-the-relentless-ransomhub-ransomware/
-
Fighting Back: 4 Essential Ransomware Defense Strategies for CISOs in 2025
Focus on Cyber Hygiene, Advanced Tools and Rapid Response to Outsmart Attackers
Modern cyberthreats require modern defense tactics. Ransomware now employs multilayered extortion tactics that target operations and reputations. With 68% of breaches involving human error, CISOs and leaders must focus on cyber hygiene, advanced security tools and rapid response strategies. First seen on govinfosecurity.com…
-
Ransomware Evolution: From Encryption to Extortion
Cybercriminals Use Artificial Intelligence and Physical Threats to Maximize Impact
One-dimensional data encryption threats have morphed into more dangerous, multi-layered ransomware attacks that are expanding in scope and impact, creating an urgent need for organizations to fortify their defenses. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/blogs/ransomware-evolution-from-encryption-to-extortion-p-3816
-
Ransomware access playbook: What Black Basta’s leaked logs reveal
Tags: access, breach, credentials, cybercrime, dark-web, data, data-breach, extortion, group, login, malware, password, ransomware, service, software, theft, threat, tool
From infostealer to ransomware: Infostealers are malware programs designed to scrape login information stored inside browser password stores and other applications. These threats are increasingly being offered as a service on cybercriminal forums, and according to a recent study, their prevalence has increased three-fold over the past year. The information stolen by such tools, known…
-
Ransomware criminals love CISA’s KEV list and that’s a bug, not a feature
1 in 3 entries are used to extort civilians, says new paper. First seen on theregister.com Jump to article: www.theregister.com/2025/02/28/cisa_kev_list_ransomware/
-
Hacker behind over 90 high-profile data leaks worldwide arrested in Thailand
Authorities said they arrested a 39-year-old in Bangkok who was the hacker responsible for dozens of high-profile extortion cases. First seen on therecord.media Jump to article: therecord.media/hacker-arrested-bangkok-data-breaches-extortion
-
Prolific Data Extortion Actor Arrested in Thailand
A joint operation between the Thai and Singapore police has resulted in the arrest of a man allegedly responsible for over 90 data extortion attacks worldwide. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/data-extortion-actor-thailand/
-
5 things to know about ransomware threats in 2025
Tags: access, attack, authentication, awareness, backup, breach, ciso, cloud, control, credentials, cyber, dark-web, data, data-breach, defense, detection, encryption, exploit, extortion, finance, fraud, group, healthcare, identity, incident response, infrastructure, Internet, iot, law, leak, mfa, monitoring, network, password, ransom, ransomware, risk, scam, service, software, sophos, supply-chain, technology, threat, tool, update, vpn, vulnerability, zero-day
2. Mid-size organizations are highly vulnerable: Industry data shows mid-size organizations remain highly vulnerable to ransomware attacks. “CISOs need to be aware that ransomware is no longer just targeting large companies, but now even mid-sized organizations are at risk. This awareness is crucial,” says Christiaan Beek, senior director, threat analytics, at Rapid7. Companies with annual revenue…
-
Drug-screening biz DISA took a year to disclose security breach affecting millions
If there’s something nasty on your employment record, extortion scum could come calling. First seen on theregister.com Jump to article: www.theregister.com/2025/02/26/disa_data_breach/
-
Stürmer Maschinen hit by ransomware attack
The Lynx ransomware gang is extorting the wholesaler Stürmer Maschinen with stolen data. The Lynx ransomware gang recently added the machinery wholesaler Stürmer Maschinen to its victim list. On their leak site on the darknet, the cybercriminals claim to have exfiltrated a data set of 800 gigabytes. Exactly what data is involved is unclear. Information on the ransom demand and deadline…
-
FBI and CISA warn about continuing attacks by Chinese ransomware group Ghost
Attacks are more focused on encryption than exfiltration: The Ghost attackers have sometimes exfiltrated data back to their Cobalt Strike Team servers or to the Mega.nz file-sharing service, but this has been rare and the amount of information stolen has been limited. According to FBI investigations, the group doesn’t regularly exfiltrate intellectual property or personally identifiable…
-
CL0P Ransomware Launches Large-Scale Attacks on Telecom and Healthcare Sectors
Tags: attack, cyber, data, exploit, extortion, group, healthcare, ransomware, tactics, vulnerability, zero-day
The notorious CL0P ransomware group has intensified its operations in early 2025, targeting critical sectors such as telecommunications and healthcare. Known for its sophisticated tactics, the group has exploited zero-day vulnerabilities to infiltrate systems, steal sensitive data, and extort victims. This resurgence follows a relatively quieter 2024, during which CL0P listed only 27 victims compared…
-
US Army soldier linked to Snowflake extortion rampage admits breaking the law
That’s the way the cookie melts. First seen on theregister.com Jump to article: www.theregister.com/2025/02/20/us_army_snowflake_theft/
-
BlackLock Ransomware Targets Windows, VMware ESXi, Linux Environments
BlackLock ransomware, first identified in March 2024, has rapidly ascended the ranks of the ransomware-as-a-service (RaaS) ecosystem, becoming the seventh most prolific group on data-leak sites by late 2024. The group employs a double extortion strategy, encrypting victims’ data while exfiltrating sensitive information to pressure organizations into paying ransoms. Its malware targets multiple environments, including…
-
Ransomware gangs are giving victims less and less time
Tags: cyberattack, data, detection, endpoint, extortion, governance, government, malware, ransomware, tool, vulnerability, zero-day
Ransomware groups have steadily shortened the period until the ransom handover. According to an analysis by the managed detection and response company Huntress of ransomware incidents over the past year, the average time to ransom demand (TTR) is about 17 hours. For some groups it is as little as four to six hours. This pace stands in stark contrast to the approach of large ransomware groups before…
-
Ransomware gangs extort victims 17 hours after intrusion on average
Tags: access, business, credentials, data, encryption, espionage, exploit, extortion, government, group, healthcare, Intruder, malicious, malware, metric, monitoring, network, ransom, ransomware, service, tactics, technology, theft, threat, tool, vulnerability, zero-day
The initial point of access for the attackers and the privileges it provided them
How easy it is to reach other network segments and systems from the initially compromised asset
Whether access into the environment was resold to a ransomware operator by an initial access broker
Whether the attackers decided to operate only outside the victim’s regular business…
-
Cl0p Ransomware Hides Itself on Compromised Networks After Exfiltrating the Data
The Cl0p ransomware group, a prominent player in the cybercrime landscape since 2019, has intensified its operations by employing advanced techniques to remain undetected within compromised networks. Known for its association with the TA505 threat group, Cl0p has shifted its focus from merely encrypting files to leveraging double extortion tactics, exfiltrating sensitive data and threatening…
-
Two Russian nationals arrested in takedown of Phobos ransomware infrastructure
The U.S. Department of Justice said two Russian nationals were in custody as part of an operation against the Phobos ransomware gang, which has attacked hundreds of organizations and earned millions of dollars in extortion payments. First seen on therecord.media Jump to article: therecord.media/phobos-ransomware-takedown-arrests-russian-nationals
-
Suspects arrested: Major blow against ransomware hackers with over 1,000 victims
Four Europeans who are alleged to have attacked more than 1,000 targets with ransomware and extorted sums in the millions have been arrested in Thailand. First seen on golem.de Jump to article: www.golem.de/news/verdaechtige-verhaftet-grosser-schlag-gegen-ransomwarebande-mit-ueber-1-000-opfern-2502-193222.html
-
Suspects arrested: Major blow against ransomware gang with over 1,000 victims
Four Europeans who are alleged to have attacked more than 1,000 targets with ransomware and extorted sums in the millions have been arrested in Thailand. First seen on golem.de Jump to article: www.golem.de/news/verdaechtige-verhaftet-grosser-schlag-gegen-ransomwarebande-mit-ueber-1-000-opfern-2502-193222.html
-
Top 5 ways attackers use generative AI to exploit your systems
Tags: access, ai, attack, authentication, awareness, banking, captcha, chatgpt, china, control, cyber, cybercrime, cybersecurity, defense, detection, exploit, extortion, finance, flaw, fraud, group, hacker, intelligence, LLM, malicious, malware, network, phishing, ransomware, resilience, service, spam, tactics, theft, threat, tool, vulnerability, zero-day
Facilitating malware development: Artificial intelligence can also be used to generate more sophisticated or at least less labour-intensive malware. For example, cybercriminals are using gen AI to create malicious HTML documents. The XWorm attack, initiated by HTML smuggling, which contains malicious code that downloads and runs the malware, bears the hallmarks of development via AI. “The loader’s…
-
Ransomware analysis by Dragos – operational sabotage instead of pure extortion
First seen on security-insider.de Jump to article: www.security-insider.de/ransomware-aktivitaeten-analyse-a-f938ccad9d43b1eb0e5c8454767e6786/
-
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023. The total amount extorted during the first half of 2024 stood at $459.8 million, blockchain intelligence firm Chainalysis said, adding payment activity slumped after July 2024 by about 3.94%. “The number of ransomware events increased into H2, but…
-
AI-Powered Cyber Warfare, Ransomware Evolution, and Cloud Threats Shape 2025 Cyber Landscape
The cybersecurity landscape in EMEA is facing a wave of AI-driven cyber warfare, the evolution of ransomware into data extortion, and an expanding attack surface in cloud environments, according to the latest findings from Check Point Software. The company presented its insights at CPX Vienna 2025, an annual cybersecurity event bringing together industry leaders, security…
-
Globe Life Ransomware Attack Exposes Personal and Health Data of 850,000+ Users
Globe Life Inc., a prominent insurance provider, has confirmed a major data breach that exposed the personal and health-related information of over 850,000 users. The company disclosed the incident in a recent filing with the U.S. Securities and Exchange Commission (SEC), reporting that the breach resulted from an extortion attempt by an unknown threat actor.…

