Tag: extortion

Risiken bei der Wiederherstellung nach Ransomware-Angriffen

Oct 27, 2025 3:26 PM

Tags: alphv, authentication, backup, ceo, ciso, crowdstrike, cyber, cyberattack, DSGVO, encryption, extortion, incident response, infrastructure, insurance, lockbit, mfa, ransomware, resilience, risk, risk-management, service, tool, update

Die Zahlung des Lösegelds nach einer Ransomware-Attacke ist keine Garantie für eine reibungslose oder gar erfolgreiche Wiederherstellung der Daten.Zwei von fünf Unternehmen, die Cyberkriminellen für die Entschlüsselung von Ransomware bezahlen, können ihre Daten nicht wiederherstellen. Das hat eine weltweite Umfrage des Versicherungsanbieters Hiscox unter 1.000 mittelständischen Unternehmen ergeben.Die Ergebnisse zeigen, dass Ransomware nach wie vor…
Risiken bei der Wiederherstellung nach Ransomware-Angriffen

Oct 27, 2025 3:26 PM

Tags: alphv, authentication, backup, ceo, ciso, crowdstrike, cyber, cyberattack, DSGVO, encryption, extortion, incident response, infrastructure, insurance, lockbit, mfa, ransomware, resilience, risk, risk-management, service, tool, update

Die Zahlung des Lösegelds nach einer Ransomware-Attacke ist keine Garantie für eine reibungslose oder gar erfolgreiche Wiederherstellung der Daten.Zwei von fünf Unternehmen, die Cyberkriminellen für die Entschlüsselung von Ransomware bezahlen, können ihre Daten nicht wiederherstellen. Das hat eine weltweite Umfrage des Versicherungsanbieters Hiscox unter 1.000 mittelständischen Unternehmen ergeben.Die Ergebnisse zeigen, dass Ransomware nach wie vor…
Ransomware, extortion groups adapt as payment rates reach historic lows

Oct 27, 2025 2:26 PM

Tags: data, encryption, extortion, group, ransom, ransomware, theft

Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/27/ransomware-extortion-payment-q3-2025/
Ransomware, extortion groups adapt as payment rates reach historic lows

Oct 27, 2025 2:26 PM

Tags: data, encryption, extortion, group, ransom, ransomware, theft

Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/27/ransomware-extortion-payment-q3-2025/
Cybersecurity Snapshot: Top Advice for Detecting and Preventing AI Attacks, and for Securing AI Systems

Oct 24, 2025 7:26 PM

Tags: access, ai, attack, authentication, awareness, best-practice, breach, business, chatgpt, china, ciso, cloud, computing, container, control, credentials, crime, cve, cyber, cyberattack, cybersecurity, data, defense, detection, email, exploit, extortion, finance, flaw, framework, fraud, google, governance, government, group, guide, hacker, hacking, healthcare, iam, identity, incident response, intelligence, LLM, malicious, malware, mitigation, monitoring, network, open-source, openai, organized, phishing, ransom, risk, risk-management, russia, sans, scam, service, skills, soc, strategy, supply-chain, technology, theft, threat, tool, training, vulnerability, zero-trust

As organizations eagerly adopt AI, cybersecurity teams are racing to protect these new systems. In this special edition of the Cybersecurity Snapshot, we round up some of the best recent guidance on how to fend off AI attacks, and on how to safeguard your AI systems. Key takeaways Developers are getting new playbooks from groups…
Ransomware recovery perils: 40% of paying victims still lose their data

Oct 24, 2025 9:26 AM

Tags: access, attack, authentication, backup, breach, business, ceo, crypto, cyber, cybersecurity, data, data-breach, encryption, extortion, finance, GDPR, group, incident response, insurance, leak, mfa, privacy, ransom, ransomware, resilience, risk, risk-management, service, threat, update

Additional recovery pressures: Modern ransomware attacks now routinely involve double or triple extortion whereby attackers threaten to leak stolen data or launch distributed denial of service (DDoS) attacks even after payment.This fundamentally changes the calculus on what victims can expect in cases where they decide to make a ransomware payment, which more often than not…
Ransomware recovery perils: 40% of paying victims still lose their data

Oct 24, 2025 9:26 AM

Tags: access, attack, authentication, backup, breach, business, ceo, crypto, cyber, cybersecurity, data, data-breach, encryption, extortion, finance, GDPR, group, incident response, insurance, leak, mfa, privacy, ransom, ransomware, resilience, risk, risk-management, service, threat, update

Additional recovery pressures: Modern ransomware attacks now routinely involve double or triple extortion whereby attackers threaten to leak stolen data or launch distributed denial of service (DDoS) attacks even after payment.This fundamentally changes the calculus on what victims can expect in cases where they decide to make a ransomware payment, which more often than not…
Breach Roundup: the Qilin Hack That Wasn’t

Oct 24, 2025 12:26 AM

Tags: breach, cybersecurity, data, extortion, flaw, network, router, vpn

Also, Envoy Air Confirms Data Compromise Following Clop Extortion Campaign. This week, Qilin didn’t hack a Spanish tax agency, Nexperia standoff, Envoy Air confirmed a data compromise, Experian Netherlands fined 2.7M euros, ToolShell used to breach global networks, flaws in TP-Link Omada and Festa VPN routers and a New York firm settled a cybersecurity investigation.…
Microsoft Digital Defense Report 2025: Extortion and Ransomware Lead Global Cybercrime Surge

Oct 23, 2025 2:26 PM

Tags: cyber, cyberattack, cybercrime, data, defense, extortion, microsoft, ransomware

The newly released Microsoft Digital Defense Report 2025 reveals new data on global cyber threats. According to the report, more than half of all cyberattacks with known motives, 52%, are driven by extortion and ransomware. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/digital-defense-report-shares-cybercrime-trend/
Scattered Lapsus$ Hunters Signal Shift in Tactics

Oct 22, 2025 11:26 AM

Tags: extortion, network, service, tactics

Scattered Lapsus$ Hunters may be preparing to launch an extortion-as-a-service model, according to Palo Alto Networks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scattered-lapsus-hunters-shift/
AI-enabled ransomware attacks: CISO’s top security concern, with good reason

Oct 21, 2025 3:26 PM

Tags: access, ai, attack, ciso, corporate, crowdstrike, data, deep-fake, detection, email, encryption, extortion, group, infection, malware, phishing, ransomware, service, threat

Ransomware’s AI-powered future: Although CrowdStrike’s latest survey doesn’t provide a full picture of AI’s use by ransomware gangs, the fact that generative AI is proving highly effective in crafting phishing emails that lead to ransomware infections shows the tip of the iceberg CISOs face.CrowdStrike Field CTO Cristian Rodriguez tells CSO, “We’re seeing AI touch every…
Im Visier Cyberkrimineller: Bei Erpressung, Diebstahl und Spionage Deutschland laut Microsoft auf Platz 4

Oct 18, 2025 3:07 PM

Tags: extortion, germany, microsoft

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/visier-cyberkriminelle-erpressung-diebstahl-spionage-deutschland-microsoft-platz-4
American Airlines subsidiary Envoy confirms Oracle data theft attack

Oct 17, 2025 10:08 PM

Tags: attack, business, data, extortion, leak, oracle, theft

Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion gang listed American Airlines on its data leak site. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/american-airlines-subsidiary-envoy-confirms-oracle-data-theft-attack/
American Airlines subsidiary Envoy confirms Oracle data theft attack

Oct 17, 2025 10:08 PM

Tags: attack, business, data, extortion, leak, oracle, theft

Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion gang listed American Airlines on its data leak site. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/american-airlines-subsidiary-envoy-confirms-oracle-data-theft-attack/
Deutschland größtes Hacker-Ziel in der EU

Oct 17, 2025 9:09 AM

Tags: authentication, china, cyberattack, defense, extortion, germany, hacker, iran, login, mail, mfa, microsoft, north-korea, password, phishing, ransomware, software, ukraine

Laut einer Studie von Microsoft richteten sich 3,3 Prozent aller Cyberangriffe weltweit im ersten Halbjahr 2025 gegen Ziele in Deutschland.Kein Land in der Europäischen Union steht so sehr im Fokus von kriminellen Hackern wie Deutschland. Das geht aus dem Microsoft Digital Defense Report 2025 hervor, den der Software-Konzern in Redmond veröffentlicht hat. Danach richteten sich…
Breach Roundup: Chinese Hackers Exploited ArcGIS

Oct 17, 2025 12:07 AM

Tags: attack, breach, china, data, data-breach, exploit, extortion, hacker, Internet, leak, software, update

Also, Internet-Exposed Call Center Software Under Attack and Patch Tuesday. This week: Chinese hackers exploited ArcGIS, Internet-exposed call center software under attack, October patch Tuesday, Massachusetts student sentenced for $3 million extortion hack, New York fined eight insurers $14.2M over data breaches, more than 100 VS Code extensions leak secrets. First seen on govinfosecurity.com Jump…
CISOs brace for an “AI vs. AI” fight

Oct 16, 2025 10:07 PM

Tags: ai, attack, automation, awareness, ciso, computer, conference, cyber, data, defense, detection, email, exploit, extortion, india, psychology, ransomware, social-engineering, technology, theft, threat, training, vulnerability

CSO reporting paints an unsettling picture of what’s already happening. Autonomous AI agents are learning to execute full attack chains, from reconnaissance and exploitation to evasion and data theft, without human direction. Researchers have documented AI models used to generate extortion emails, launch ransomware, and discover new vulnerabilities in minutes. As one expert put it, attackers…
Qilin Ransomware Leverages Ghost Bulletproof Hosting for Global Attacks

Oct 16, 2025 2:07 PM

Tags: attack, control, cyber, data, exploit, extortion, infrastructure, leak, malware, network, ransomware, service

Qilin ransomwarean increasingly prolific ransomware-as-a-service (RaaS) operationhas intensified its global extortion campaigns by exploiting a covert network of bulletproof hosting (BPH) providers. These rogue hosting services, often headquartered in secrecy-friendly jurisdictions and operated through labyrinthine shell-company structures, allow Qilin’s operators and affiliates to host malware, data leak sites, and command-and-control infrastructure with near impunity. In…
‘Die meisten Unternehmen sind schlecht auf Cyberattacken vorbereitet”

Oct 16, 2025 11:07 AM

Tags: backup, cyberattack, extortion, infrastructure, phishing, ransomware, supply-chain

Markus Weber ist Gründer und Geschäftsführer der IT-Beratungsfirma dokuworks. dokuworks GmbHHerr Weber, als Krisenmanager werden Sie ja oft erst ins Unternehmen geholt, wenn der Angriff schon passiert ist. Was sind die ersten Schritte?Weber: Wir überprüfen zunächst einmal, ob aus technischer Sicht die wichtigsten Maßnahmen getroffen wurden. Dazu gehört zum Beispiel, dass die IT-Systeme vom Netz…
‘Die meisten Unternehmen sind schlecht auf Cyberattacken vorbereitet”

Oct 16, 2025 11:07 AM

Tags: backup, cyberattack, extortion, infrastructure, phishing, ransomware, supply-chain

Markus Weber ist Gründer und Geschäftsführer der IT-Beratungsfirma dokuworks. dokuworks GmbHHerr Weber, als Krisenmanager werden Sie ja oft erst ins Unternehmen geholt, wenn der Angriff schon passiert ist. Was sind die ersten Schritte?Weber: Wir überprüfen zunächst einmal, ob aus technischer Sicht die wichtigsten Maßnahmen getroffen wurden. Dazu gehört zum Beispiel, dass die IT-Systeme vom Netz…
Qilin Ransomware announced new victims

Oct 15, 2025 11:14 PM

Tags: extortion, group, infrastructure, network, ransomware, service

Resecurity’s new report details how the Qilin RaaS group relies on global bulletproof hosting networks to support its extortion operations. The following new report by Resecurity will explore the Qilin ransomware-as-a-service (RaaS) operation’s reliance on bullet-proof-hosting (BPH) infrastructures, with an emphasis on a network of rogue providers based in different parts of the world. Qilin…
Oracle silently fixes zero-day exploit leaked by ShinyHunters

Oct 15, 2025 4:54 PM

Tags: breach, business, data-breach, exploit, extortion, oracle, vulnerability, zero-day

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-silently-fixes-zero-day-exploit-leaked-by-shinyhunters/
Scattered Lapsus$ Hunters extortion site goes dark: What’s next?

Oct 14, 2025 10:24 PM

Tags: access, attack, backup, breach, business, cyber, cybercrime, data, data-breach, extortion, group, infrastructure, intelligence, leak, lockbit, ransom, ransomware, risk, russia, social-engineering, software, supply-chain, technology, threat

Takedowns only slow activity: According to Jeremy Kirk, executive editor for cyber threat intelligence at research company Intel 471, police have been closing in on the individual groups represented in Scattered Lapsus$ Hunters for more than three years. This included arresting alleged members. Whether this damaged the group in the long run remained to be…
Oracles silently fixes zero-day exploit leaked by ShinyHunters

Oct 14, 2025 7:24 PM

Tags: breach, business, data-breach, exploit, extortion, oracle, vulnerability, zero-day

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracles-silently-fixes-zero-day-exploit-leaked-by-shinyhunters/
Gladinet file sharing zero-day brings patched flaw back from the dead

Oct 13, 2025 9:23 PM

Tags: attack, cloud, control, cve, data, exploit, extortion, flaw, moveIT, risk, soc, software, tactics, update, vulnerability, windows, zero-day

What to do: All versions of CentreStack and Triofox file sharing servers up to and including 16.7.10368.56560 are vulnerable to CVE-2025-11371.The bad news is that Gladinet has yet to issue a patch for this, which means that for the time being the best customers can do is to apply the recommended mitigation.Luckily, according to Huntress,…
Salesforce Extortion Group Leaks Data After FBI Disruption

Oct 13, 2025 7:23 PM

Tags: breach, data, data-breach, extortion, group, leak, ransomware

Criminals Claim Leak of Customer Data From Six Victims, Including Qantas Airlines. A ransomware group that’s been extorting Salesforce customers leaked some stolen data, following the FBI disrupting its shakedown sites. ShinyHunters, part of the rebranded Scattered Lapsus$ Hunters group, after leaking data from six victims, declared its Salesforce customer shakedown over. First seen on…
Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

Oct 13, 2025 11:24 AM

Tags: business, cve, email, exploit, extortion, flaw, google, intelligence, malware, mandiant, oracle, threat, zero-day

Google and Mandiant link Oracle EBS extortion emails to known July-patched flaws and a likely zero-day, CVE-2025-61882. Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite extortion campaign, revealing the use of malware. Attackers exploited July-patched EBS flaws and likely a zero-day (CVE-2025-61882), sending extortion emails to company executives. In early October, Google Mandiant…
Hackers Claim Massive Salesforce Breach: 1 Billion Records Stolen

Oct 13, 2025 9:23 AM

Tags: breach, cyber, cybercrime, data, extortion, group, hacker, threat

A new cybercriminal conglomerate known as Scattered Lapsus$ Hunters has emerged as a significant threat to global organizations, claiming responsibility for massive data breaches targeting Salesforce customer tenants. The group, also referred to as SP1D3R HUNTERS or SLSH, has reportedly stolen over one billion Salesforce records across two separate extortion campaigns, marking one of the…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66

Oct 12, 2025 3:23 PM

Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerability

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66

Oct 12, 2025 3:23 PM

Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerability

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…