Tag: ransom

New DroidLock malware locks Android devices and demands a ransom

Dec 10, 2025 11:32 PM

Tags: access, android, data, malware, ransom

A new Android malware called DroidLock has emerged with capabilities to lock screens for ransom payments, erase data, access text messages, call logs, contacts, and audio data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-droidlock-malware-locks-android-devices-and-demands-a-ransom/
2025 Year of Browser Bugs Recap:

Dec 10, 2025 8:33 PM

Tags: access, ai, api, attack, authentication, awareness, browser, cctv, chrome, cloud, communications, computer, credentials, crypto, cyber, data, data-breach, detection, edr, email, endpoint, exploit, flaw, gartner, google, guide, identity, injection, leak, login, malicious, malware, network, openai, passkey, password, phishing, ransom, ransomware, risk, saas, service, threat, tool, update, vulnerability, windows, xss, zero-day

At the beginning of this year, we launched the Year of Browser Bugs (YOBB) project, a commitment to research and share critical architectural vulnerabilities in the browser. Inspired by the iconic Months of Bugs tradition in the 2000s, YOBB was started with a similar purpose”Š”, “Što drive awareness and discussion around key security gaps and…
US Treasury Tracks $4.5B in Ransom Payments since 2013

Dec 8, 2025 10:33 PM

Tags: attack, crime, crimes, data, finance, network, ransom, ransomware

The US Treasury’s Financial Crimes Enforcement Network shared data showing how dramatically ransomware attacks have changed over time. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/us-treasury-45b-ransom-payments-2013
FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

Dec 8, 2025 8:33 PM

Tags: ransom, scam

The FBI warns of criminals altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams. The FBI warns that criminals are altering publicly available photos to create fake “proof-of-life” images used in virtual kidnapping scams, posing as kidnappers and demanding ransom. >>The Federal Bureau of…
FBI warns of virtual kidnapping scams using altered social media photos

Dec 5, 2025 6:32 PM

Tags: ransom, scam

The FBI warns that criminals are altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-of-virtual-kidnapping-ransom-scams-using-altered-social-media-photos/
Ransomware Moves: Supply Chain Hits, Credential Harvesting

Nov 28, 2025 6:49 PM

Tags: attack, credentials, data, group, ransom, ransomware, supply-chain

Innovation Continues, Although Sloppy Coding Can Still Leave Data Unrecoverable. Ransomware groups continue to display more innovation, persistence and planning in their quest to amass ransom-paying victims and maximize profits. This has included repeat supply-chain attacks, harvesting credentials to use in later campaigns, as well as launching their own affiliate programs. First seen on govinfosecurity.com…
Ransomware Moves: Supply Chain Hits, Credential Harvesting

Nov 28, 2025 6:49 PM

Tags: attack, credentials, data, group, ransom, ransomware, supply-chain

Innovation Continues, Although Sloppy Coding Can Still Leave Data Unrecoverable. Ransomware groups continue to display more innovation, persistence and planning in their quest to amass ransom-paying victims and maximize profits. This has included repeat supply-chain attacks, harvesting credentials to use in later campaigns, as well as launching their own affiliate programs. First seen on govinfosecurity.com…
Cyber-Attack Disrupts OnSolve CodeRED Emergency Notification System

Nov 26, 2025 5:49 PM

Tags: attack, cyber, data, data-breach, group, ransom

A cyber-attack claimed to be the resposibility of INC Ransom group and targeting the OnSolve CodeRED platform has disrupted emergency notification and exposed user data across the US First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cyberattack-disrupts-onsolve/
Alliances between ransomware groups tied to recent surge in cybercrime

Nov 26, 2025 8:49 AM

Tags: access, attack, awareness, backup, business, cloud, cybercrime, cybersecurity, data, encryption, exploit, extortion, group, healthcare, incident response, intelligence, law, leak, monitoring, ransom, ransomware, saas, service, software, tactics, theft, threat, vpn, vulnerability, zero-day

Ransomware groups change tactics to evade law enforcement: The latest quarterly study from Rapid7 also found that newly forged alliances are leading to a spike in ransomware activity while adding that tactical innovations, from refined extortion to double extortion and use of zero day, are also playing a part in increased malfeasance.The quarter also saw…
The Changing Threat Landscape for Retailers: Why is data security working harder than last year?

Nov 20, 2025 9:49 PM

Tags: access, ai, api, application-security, attack, automation, breach, business, cloud, compliance, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, GDPR, hacker, ibm, incident, intelligence, Internet, malicious, malware, monitoring, PCI, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, saas, security-incident, service, social-engineering, software, strategy, supply-chain, tactics, threat, tool, unauthorized, vulnerability

The Changing Threat Landscape for Retailers: Why is data security working harder than last year? madhav Thu, 11/20/2025 – 08:37 It’s the 2025 holiday shopping season, and retailers everywhere are geared up for the rush of online customers. From late November to January, which includes Black Friday, Cyber Monday, Christmas shopping, and end-of-season sales, is…
The Changing Threat Landscape for Retailers: Why is data security working harder than last year?

Nov 20, 2025 9:49 PM

Tags: access, ai, api, application-security, attack, automation, breach, business, cloud, compliance, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, GDPR, hacker, ibm, incident, intelligence, Internet, malicious, malware, monitoring, PCI, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, saas, security-incident, service, social-engineering, software, strategy, supply-chain, tactics, threat, tool, unauthorized, vulnerability

The Changing Threat Landscape for Retailers: Why is data security working harder than last year? madhav Thu, 11/20/2025 – 08:37 It’s the 2025 holiday shopping season, and retailers everywhere are geared up for the rush of online customers. From late November to January, which includes Black Friday, Cyber Monday, Christmas shopping, and end-of-season sales, is…
Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack

Nov 18, 2025 10:50 PM

Tags: attack, breach, data, data-breach, office, ransom, ransomware

The Pennsylvania Office of the Attorney General (>>OAGOAG
ShinyHunters-hit Checkout.com rejects ransom payment

Nov 18, 2025 4:49 PM

Tags: ransom

First seen on scworld.com Jump to article: www.scworld.com/brief/shinyhunters-hit-checkout-com-rejects-ransom-payment
A miracle: A company says sorry after a cyber attack and donates the ransom to cybersecurity research

Nov 18, 2025 12:48 PM

Tags: attack, breach, cyber, cybersecurity, data, ransom

One of the sad truths about this world of seemingly endless hacks and data breaches is that companies just won’t apologise. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/a-miracle-a-company-says-sorry-after-a-cyber-attack-and-donates-the-ransom-to-cybersecurity-research
Pennsylvania AG confirms data breach after INC Ransom attack

Nov 17, 2025 5:49 PM

Tags: attack, breach, cyberattack, data, data-breach, office, ransom, ransomware

The office of Pennsylvania’s attorney general has confirmed that the ransomware gang behind an August 2025 cyberattack stole files containing personal and medical information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pennsylvania-ag-confirms-data-breach-after-inc-ransom-attack/
Document Tech Firm Hit as New Cyber Gang Expands Reach

Nov 14, 2025 10:49 PM

Tags: attack, breach, cyber, cybercrime, data, ransom, service, technology

Kazu Demands $200K Ransom, Begins Leaking 1.2M Stolen Patient Records. Kazu, a relative newcomer among cybercrime gangs, is threatening to post 353 gigabytes of data allegedly stolen in recent weeks from Doctor Alliance, a Texas-based company that provides document and billing management technology and services to physician practices. The attack appears to be the gang’s…
ShinyHunters Compromises Legacy Cloud Storage System of Checkout.com

Nov 14, 2025 9:49 PM

Tags: cloud, cybersecurity, group, hacker, ransom, threat

Checkout.com said the notorious ShinyHunters threat group breached a badly decommissioned legacy cloud storage system last used by the company in 2020 and stole some merchant data. The hackers demanded a ransom, but the company instead will give the amount demanded to cybersecurity research groups. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/shinyhunters-breaches-legacy-cloud-storage-system-of-checkout-com/
Checkout.com snubs hackers after data breach, to donate ransom instead

Nov 14, 2025 5:49 PM

Tags: breach, cloud, data, data-breach, finance, group, hacker, ransom, technology, threat

UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/checkoutcom-snubs-shinyhunters-hackers-to-donate-ransom-instead/
Checkout.com snubs hackers after data breach, to donate ransom instead

Nov 14, 2025 5:49 PM

Tags: breach, cloud, data, data-breach, finance, group, hacker, ransom, technology, threat

UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/checkoutcom-snubs-shinyhunters-hackers-to-donate-ransom-instead/
CISA Warns: Akira Ransomware Has Extracted $42M After Targeting Hundreds

Nov 14, 2025 7:49 AM

Tags: advisory, attack, cisa, crime, cyber, cybersecurity, defense, ransom, ransomware

A newly updated cybersecurity advisory from federal agencies reveals that the Akira ransomware operation has significantly escalated its campaign, compromising organizations worldwide and accumulating massive ransom proceeds through sophisticated attack methods. According to the joint advisory released on November 13, 2025, by the FBI, CISA, Department of Defense Cyber Crime Center (DC3), Department of Health…
FBI: Akira gang has received nearly $250 million in ransoms

Nov 13, 2025 11:49 PM

Tags: law, ransom, ransomware

The U.S. and European law enforcement released new information to help organizations defend themselves against the Akira ransomware gang, which has attacked small- and medium-sized businesses for years. First seen on therecord.media Jump to article: therecord.media/akira-gang-received-million
API Security: Bridging the Gap Between Application and Security Teams FireTail Blog

Nov 11, 2025 2:20 PM

Tags: access, api, application-security, attack, awareness, breach, business, cctv, ciso, cloud, crypto, cyber, cybersecurity, data, data-breach, dns, email, finance, flaw, group, incident response, microsoft, monitoring, network, phone, ransom, risk, security-incident, service, software, strategy, technology, threat, tool, unauthorized, vulnerability

Nov 11, 2025 – Jeremy Snyder – API Security: Why the Gap Developers and security professionals have different concerns and motivations. It’s easy to see why gaps emerge. The ability to quickly ship new products, features or functionality is a real source of competitive advantage in the digital economy. Business needs demand speed. Engineers constantly…
API Security: Bridging the Gap Between Application and Security Teams FireTail Blog

Nov 11, 2025 2:20 PM

Tags: access, api, application-security, attack, awareness, breach, business, cctv, ciso, cloud, crypto, cyber, cybersecurity, data, data-breach, dns, email, finance, flaw, group, incident response, microsoft, monitoring, network, phone, ransom, risk, security-incident, service, software, strategy, technology, threat, tool, unauthorized, vulnerability

Nov 11, 2025 – Jeremy Snyder – API Security: Why the Gap Developers and security professionals have different concerns and motivations. It’s easy to see why gaps emerge. The ability to quickly ship new products, features or functionality is a real source of competitive advantage in the digital economy. Business needs demand speed. Engineers constantly…
API Security: Bridging the Gap Between Application and Security Teams FireTail Blog

Nov 11, 2025 2:20 PM

Tags: access, api, application-security, attack, awareness, breach, business, cctv, ciso, cloud, crypto, cyber, cybersecurity, data, data-breach, dns, email, finance, flaw, group, incident response, microsoft, monitoring, network, phone, ransom, risk, security-incident, service, software, strategy, technology, threat, tool, unauthorized, vulnerability

Nov 11, 2025 – Jeremy Snyder – API Security: Why the Gap Developers and security professionals have different concerns and motivations. It’s easy to see why gaps emerge. The ability to quickly ship new products, features or functionality is a real source of competitive advantage in the digital economy. Business needs demand speed. Engineers constantly…
Nevada ransomware attack traced back to malware download by employee

Nov 7, 2025 6:19 PM

Tags: attack, malware, ransom, ransomware

The state refused to pay a ransom and recovered 90% of the impacted data. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/nevada-ransomware-attack-traced-back-to-malware-download-by-employee/805011/
Doubling Down in Vegas: The High-Stakes Question of Whether to Pay

Nov 7, 2025 2:20 PM

Tags: cyberattack, ransom, ransomware

Learn how Nevada refused to pay ransom after a 2025 cyberattack, restoring systems in 28 days”, and what this reveals about ransomware readiness and policy. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/doubling-down-in-vegas-the-high-stakes-question-of-whether-to-pay/
Doubling Down in Vegas: The High-Stakes Question of Whether to Pay

Nov 7, 2025 2:20 PM

Tags: cyberattack, ransom, ransomware

Learn how Nevada refused to pay ransom after a 2025 cyberattack, restoring systems in 28 days”, and what this reveals about ransomware readiness and policy. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/doubling-down-in-vegas-the-high-stakes-question-of-whether-to-pay/
Doubling Down in Vegas: The High-Stakes Question of Whether to Pay

Nov 7, 2025 2:20 PM

Tags: cyberattack, ransom, ransomware

Learn how Nevada refused to pay ransom after a 2025 cyberattack, restoring systems in 28 days”, and what this reveals about ransomware readiness and policy. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/doubling-down-in-vegas-the-high-stakes-question-of-whether-to-pay/
Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts

Nov 7, 2025 11:20 AM

Tags: extortion, google, ransom, threat

Google on Thursday said it’s rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments.The approach is designed to tackle a common practice called review bombing, where online users…
Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts

Nov 7, 2025 11:20 AM

Tags: extortion, google, ransom, threat

Google on Thursday said it’s rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments.The approach is designed to tackle a common practice called review bombing, where online users…