Tag: ransom
-
Ransom Tales: Volume V, Throwback Edition! Emulating REvil, DarkSide, and BlackMatter Ransomware
AttackIQ presents the fifth volume of Ransom Tales, an initiative focused on emulating the Tactics, Techniques, and Procedures (TTPs) exhibited by sophisticated and prominent ransomware families with the objective of empowering defenders to rigorously challenge their security controls and enhance resilience against disruptive and extortive threats. In this release, AttackIQ revisits historical ransomware operations with…
-
Nevada government declined to pay ransom, says cyberattack traced to breach in May
The state government of Nevada did not pay a ransom to cybercriminals who took down critical government systems in August, the state said in a post-mortem review of the attack. First seen on therecord.media Jump to article: therecord.media/nevada-declined-ransom-breach
-
Smashing Security podcast #442: The hack that messed with time, and rogue ransom where negotiators
Time itself comes under attack as a state-backed hacking gang spends two years tunnelling toward a nation’s master clock, with chaos potentially only a tick away. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-442/
-
Smashing Security podcast #442: The hack that messed with time, and rogue ransom where negotiators
Time itself comes under attack as a state-backed hacking gang spends two years tunnelling toward a nation’s master clock, with chaos potentially only a tick away. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-442/
-
Retailers are learning to say no to ransom demands
Ransomware remains one of the biggest operational risks for retailers, but the latest data shows a shift in how these attacks unfold. Fewer incidents now lead to data … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/06/sophos-retail-ransomware-recovery-report/
-
2 Ex-Cyber Specialists Indicted for Alleged BlackCat Attacks
DOJ: Suspects Hit 5 Firms, Including 3 in Healthcare, Netted $1.3M in Ransom Money. Three former employees of two cybersecurity firms stand accused of using BlackCat ransomware in a conspiracy to extort five U.S. companies, including three in the healthcare sector. One of the victim companies paid nearly $1.3 million to the attackers, U.S. federal…
-
Cybersecurity experts charged with running BlackCat ransomware operation
Tags: attack, breach, computer, crypto, cybersecurity, extortion, finance, group, healthcare, incident response, law, network, office, psychology, ransom, ransomware, risk, service, threatThe victims and the demands: The indictment cited at least five victim organizations: a Florida medical-device company, a Maryland pharmaceutical manufacturer, a California doctor’s office, a California engineering firm, and a Virginia-based drone company. On May 13, 2023, the conspirators allegedly attacked the Florida firm, demanding $10 million and receiving roughly $1.27 million in cryptocurrency.…
-
Cybersecurity experts charged with running BlackCat ransomware operation
Tags: attack, breach, computer, crypto, cybersecurity, extortion, finance, group, healthcare, incident response, law, network, office, psychology, ransom, ransomware, risk, service, threatThe victims and the demands: The indictment cited at least five victim organizations: a Florida medical-device company, a Maryland pharmaceutical manufacturer, a California doctor’s office, a California engineering firm, and a Virginia-based drone company. On May 13, 2023, the conspirators allegedly attacked the Florida firm, demanding $10 million and receiving roughly $1.27 million in cryptocurrency.…
-
Ransomware Defense Using the Wazuh Open Source Platform
Tags: access, attack, computer, cyberattack, data, defense, infrastructure, malicious, malware, open-source, ransom, ransomware, software, threatRansomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affecting individuals, businesses, and critical infrastructure worldwide.A ransomware attack typically begins when the malware infiltrates a system through various vectors…
-
Knee-jerk corporate responses to data leaks protect brands like Qantas, but consumers are getting screwed
When courts ban people from accessing leaked data as happened after the recent Qantas data breach only hackers and scammers win<ul><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>breaking news email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>It’s become the playbook for big Australian companies that have customer data stolen in a cyber-attack: call in the lawyers and get…
-
Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data
The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming to have exfiltrated a staggering 23 gigabytes of sensitive corporate data. The group posted details on its dark web leak site, threatening to release the stolen information unless a ransom demand is met. This incident…
-
Ukrainian Conti Ransomware Suspect Extradited to US from Ireland
Ukrainian man accused of helping run Conti ransomware extradited from Ireland to the U.S. to face charges over global cyberattacks and $150M in ransom payments. First seen on hackread.com Jump to article: hackread.com/ukraine-conti-ransomware-extradite-us-ireland/
-
Ukrainian Conti Ransomware Suspect Extradited to US from Ireland
Ukrainian man accused of helping run Conti ransomware extradited from Ireland to the U.S. to face charges over global cyberattacks and $150M in ransom payments. First seen on hackread.com Jump to article: hackread.com/ukraine-conti-ransomware-extradite-us-ireland/
-
Cyber Pros Needed: Securing the Middle Ground
Midsize Businesses Need Skilled Professionals as Threat Actors Shift Their Tactics As large enterprises continue to strengthen their defenses and reduce ransom payouts, ransomware operators are redirecting their attention toward midsize organizations. This shift has increased the urgency for adaptable, well-trained cyber professionals who can tailor enterprise-grade protections. First seen on govinfosecurity.com Jump to article:…
-
Ransomware, extortion groups adapt as payment rates reach historic lows
Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/27/ransomware-extortion-payment-q3-2025/
-
Ransomware, extortion groups adapt as payment rates reach historic lows
Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/27/ransomware-extortion-payment-q3-2025/
-
The 10 biggest issues CISOs and cyber teams face today
Tags: ai, attack, awareness, breach, business, ceo, ciso, computing, crime, cyber, cyberattack, cybersecurity, data, deep-fake, defense, email, encryption, exploit, finance, fraud, governance, group, hacker, international, mitigation, organized, phishing, ransom, risk, scam, service, strategy, supply-chain, technology, threat, tool, training, usa, vulnerability2. Escalating, and accelerating, AI-enabled attacks: A 2025 survey from Boston Consulting Group found that 80% of CISOs worldwide cited AI-powered cyberattacks as their top concern, a 19-point increase from the previous year. A 2025 survey from Darktrace, a security technology firm, found that 78% of CISOs reported a significant impact from AI-driven threats, up…
-
Insider Threats Loom while Ransom Payment Rates Plummet
The percentage of companies choosing to pay ransoms dropped significantly, while threat actors shift their tactics in response to decreasing profits. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/insider-threats-loom-while-ransom-payment-rates-plummet/
-
Cybersecurity Snapshot: Top Advice for Detecting and Preventing AI Attacks, and for Securing AI Systems
Tags: access, ai, attack, authentication, awareness, best-practice, breach, business, chatgpt, china, ciso, cloud, computing, container, control, credentials, crime, cve, cyber, cyberattack, cybersecurity, data, defense, detection, email, exploit, extortion, finance, flaw, framework, fraud, google, governance, government, group, guide, hacker, hacking, healthcare, iam, identity, incident response, intelligence, LLM, malicious, malware, mitigation, monitoring, network, open-source, openai, organized, phishing, ransom, risk, risk-management, russia, sans, scam, service, skills, soc, strategy, supply-chain, technology, theft, threat, tool, training, vulnerability, zero-trustAs organizations eagerly adopt AI, cybersecurity teams are racing to protect these new systems. In this special edition of the Cybersecurity Snapshot, we round up some of the best recent guidance on how to fend off AI attacks, and on how to safeguard your AI systems. Key takeaways Developers are getting new playbooks from groups…
-
Ransomware recovery perils: 40% of paying victims still lose their data
Tags: access, attack, authentication, backup, breach, business, ceo, crypto, cyber, cybersecurity, data, data-breach, encryption, extortion, finance, GDPR, group, incident response, insurance, leak, mfa, privacy, ransom, ransomware, resilience, risk, risk-management, service, threat, updateAdditional recovery pressures: Modern ransomware attacks now routinely involve double or triple extortion whereby attackers threaten to leak stolen data or launch distributed denial of service (DDoS) attacks even after payment.This fundamentally changes the calculus on what victims can expect in cases where they decide to make a ransomware payment, which more often than not…
-
Ransomware recovery perils: 40% of paying victims still lose their data
Tags: access, attack, authentication, backup, breach, business, ceo, crypto, cyber, cybersecurity, data, data-breach, encryption, extortion, finance, GDPR, group, incident response, insurance, leak, mfa, privacy, ransom, ransomware, resilience, risk, risk-management, service, threat, updateAdditional recovery pressures: Modern ransomware attacks now routinely involve double or triple extortion whereby attackers threaten to leak stolen data or launch distributed denial of service (DDoS) attacks even after payment.This fundamentally changes the calculus on what victims can expect in cases where they decide to make a ransomware payment, which more often than not…
-
Medusa Ransomware Leaks 834 GB of Comcast Data After $1.2M Demand
Medusa ransomware leaks 186 GB of Comcast data, claiming 834 GB stolen after a $1.2M ransom demand apparently went unpaid. First seen on hackread.com Jump to article: hackread.com/medusa-ransomware-comcast-data-leak/
-
Medusa Ransomware Leaks 834 GB of Comcast Data After $1.2M Demand
Medusa ransomware leaks 186 GB of Comcast data, claiming 834 GB stolen after a $1.2M ransom demand apparently went unpaid. First seen on hackread.com Jump to article: hackread.com/medusa-ransomware-comcast-data-leak/
-
TDL 007 – Cyber Warriors Digital Shadows: Insights from Canada’s Cybersecurity Leader
Tags: ai, awareness, backup, breach, browser, business, cio, ciso, communications, conference, control, corporate, country, cryptography, cyber, cybersecurity, dark-web, data, data-breach, defense, dns, email, encryption, finance, government, healthcare, identity, incident, infrastructure, intelligence, Internet, jobs, law, leak, linux, malicious, mfa, mitigation, network, organized, phone, privacy, ransom, ransomware, RedTeam, resilience, risk, risk-management, router, service, startup, strategy, supply-chain, switch, tactics, technology, theft, threat, tool, training, windowsSummary In this episode of The Defender’s Log, host David Redekop interviews Sami Khoury, the Senior Official for Cybersecurity for the Government of Canada. With a career spanning 33 years at the Communication Security Establishment (CSE), Khoury shares how a coincidental job application blossomed into a lifelong passion for national security. Khoury emphasizes that modern…
-
PowerSchool hacker sentenced to 4 years in prison
Matthew Lane, who demanded a ransom of $2.9 million from PowerSchool in exchange for not leaking personal data belonging to more than 70 million people, also was ordered to pay about $14 million in restitution and a $25,000 fine. First seen on therecord.media Jump to article: therecord.media/powerschool-hacker-sentenced-4-years
-
Five million Qantas customers have had personal information leaked on the dark web. Here’s what you need to know
One expert warns frequent flier points could be used to create fake flight rescheduling emails or fraudulent redemption offers<ul><li><a href=”https://www.theguardian.com/australia-news/live/2025/oct/13/australia-news-live-qantas-hack-data-leak-scam-warning-nsw-sydney-potholes-social-media-ban-anika-wells-albanese-sussan-ley-labor-liberal-coalition-ntwnfb”>Follow our Australia news live blog for latest updates</li><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>breaking news email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>The number of scams is expected to rise after the personal information of millions of…
-
Hackers leak Qantas data containing 5 million customer records after ransom deadline passes
Hacker collective Scattered Lapsus$ Hunters demanded payment in return for preventing the stolen data of nearly 40 companies from being shared<ul><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>breaking news email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>Hackers leaked the personal records of five million Qantas customers on the dark web on Saturday afternoon after a ransom deadline set…