Tag: ransom
-
Here is the email Clop attackers sent to Oracle customers
The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment. First seen on cyberscoop.com Jump to article: cyberscoop.com/extortion-email-clop-oracle-customers/
-
Extortionists Claim Mass Oracle E-Business Suite Data Theft
Executives Receiving Ransom Demands of Up to $50 Million, Warns Ransomware Expert. Extortionists are shaking down executives at organizations that use Oracle E-Business Suite, claiming to have stolen their sensitive data and demanding ransoms of up to $50 million, multiple cybersecurity firms are warning. The criminals claim to be associated with the Clop ransomware group.…
-
Medusa Ransomware Claims Comcast Data Breach, Demands $1.2M
Medusa ransomware group claims 834 GB data theft from Comcast, demanding $1.2M ransom while sharing screenshots and file listings. First seen on hackread.com Jump to article: hackread.com/medusa-ransomware-comcast-data-breach/
-
Ransom Tales: Volume IV Emulating Rhysida, Charon and Dire Wolf Ransomware
AttackIQ presents the fourth volume of Ransom Tales, an initiative focused on emulating the Tactics, Techniques, and Procedures (TTPs) exhibited by sophisticated and prominent ransomware families with the objective of empowering defenders to rigorously challenge their security controls and enhance resilience against disruptive and extortive threats. In this release, AttackIQ presents three new attack graphs…
-
Hackers reportedly steal pictures of 8,000 children from Kido nursery chain
Firm, which has 18 sites around London and more in US, India and China, has received ransom demand, say reportsThe names, pictures and addresses of about 8,000 children have reportedly been stolen from the Kido nursery chain by a gang of cybercriminals.The criminals have demanded a ransom from the company which has 18 sites around…
-
Hackers reportedly steal details of 8,000 children from Kido nursery chain
Firm, which has 18 sites around London and more in US, India and China, has received ransom demand, say reportsThe names, pictures and addresses of about 8,000 children have reportedly been stolen from the Kido nursery chain by a gang of cybercriminals.The criminals have demanded a ransom from the company which has 18 sites around…
-
DOJ: Scattered Spider took $115 million in ransoms, breached a US court system
The Scattered Spider cybercriminal operation was able to extort at least $115 million in a three-year spree that also included the breach of a federal court network, U.S. authorities said in unsealing charges against one suspect. First seen on therecord.media Jump to article: therecord.media/scattered-spider-unsealed-charges-115million-extortion-breached-courts-system
-
UK Police Arrest Two Scattered Spider Hackers Over London Transport Breach
UK law enforcement agencies have arrested two individuals linked to the notorious Scattered Spider cybercriminal group. The arrests, announced on Tuesday, pertain to a sophisticated attack on London’s transport systems. Authorities say the suspects infiltrated critical infrastructure networks, demanding ransom payments and causing widespread disruption. Details of the Arrests and Charges On Sept. 16, officers…
-
Scattered Spider Sting: 2 English Teens Charged With Attacks
UK and US Charge Suspects With Hitting Transport for London, Healthcare, Others. Two English teenagers have been charged with disrupting London’s transport network as part of a Scattered Spider cyberattack. One of the suspects has also been accused by the U.S. of helping to attack 120 other victims, generating $115 million in ransom payments. First…
-
Pair of Suspected Scattered Spider Hackers Charged by UK, US Authorities
One of the teenage suspects is accused of involvement in at least 120 attacks, resulting in $115m in ransom payments First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-uk-charge-scattered-spider/
-
Top 10 Best Ransomware Protection Companies in 2025
As per a recent Sophos report from July 2025, 53% of Indian organizations impacted by ransomware paid the ransom, though the median payment saw a significant drop to around $481,636 (approximately ₹4 crore). However, the average recovery cost, excluding ransom, soared to $1.01 million (roughly ₹8.4 crore). These figures highlight that even if ransoms are…
-
INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance
Panama’s Ministry of Economy and Finance disclosed a security breach impacting a computer in its infrastructure. Panama’s Ministry of Economy and Finance (MEF) announced that threat actors likely compromised one of its computers. The Ministry immediately activated its security protocols to contain the threat. Panama’s Ministry pointed out that critical systems vital to operations remain…
-
Ransomware Payments Plummet in Education Amid Enhanced Resiliency
Sophos found that average ransom demands and payments fell substantially in the education sector in 2025, as recovery time and costs fell First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-payments-plummet/
-
Ransomware Payments Plummet in Education Amid Enhanced Resiliency
Sophos found that average ransom demands and payments fell substantially in the education sector in 2025, as recovery time and costs fell First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-payments-plummet/
-
LunaLock Ransomware Attacking Artists to Steal and Encrypt Data
LunaLock, a newly surfaced ransomware strain, has launched a targeted campaign against independent artists and their clients, demanding a hefty ransom in exchange for stolen creative works and leaked personal data. Emerging in early September 2025, the LunaLock group claims responsibility for breaching Artists & Clients, a popular digital marketplace where illustrators connect with patrons…
-
Dutch Lab Cancer Screening Hack Balloons to 941,000 Victims
Ransomware Gang Nova Poised to Leak Patient Data, Lab Stays Mum on Negotiations. With ransomware gang Nova threatening to leak patient data on the darkweb, a Dutch laboratory that performs cervical cancer tests for a government screening program is mum about the ransom negotiations, but it says the cyberattack in July has affected 941,000 patients.…
-
Pennsylvania AG says recovery continues after office refused to pay ransomware gang
Pennsylvania Attorney General Dave Sunday said his office has made significant progress in recovering from an August 11 cyberattack, and it did not pay a ransom to the intruders. First seen on therecord.media Jump to article: therecord.media/pennsylvania-attorney-general-office-ransomware-attack-recovery
-
Ransomware Attack on Pennsylvania’s AG Office Disrupts Court Cases
Pennsylvania’s Attorney General confirmed the OAG had refused to pay a ransom demand to the attackers after files were encrypted First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-pennsylvania-ag/
-
Google Urges 2.5B Gmail Users to Reset Passwords After Salesforce Breach
A sophisticated voice phishing operation has emerged as a significant threat to organizations worldwide, with cybercriminals successfully infiltrating Salesforce environments to steal sensitive data and demand ransom payments. Google’s Threat Intelligence Group has identified this financially motivated campaign, designating the primary threat cluster as UNC6040, which has demonstrated alarming success in breaching corporate networks through…
-
Ransom Tales: Volume III Emulating INC, Lynx and SafePay Ransomware
AttackIQ presents the third volume of Ransom Tales, an initiative focused on emulating the Tactics, Techniques, and Procedures (TTPs) exhibited by sophisticated and prominent ransomware families with the objective of empowering defenders to rigorously challenge their security controls and enhance resilience against disruptive and extortive threats. In this release, AttackIQ presents three new attack graphs…
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, wormsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?quality=50&strip=all 892w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=223%2C300&quality=50&strip=all 223w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=768%2C1033&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=761%2C1024&quality=50&strip=all 761w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=518%2C697&quality=50&strip=all 518w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=125%2C168&quality=50&strip=all 125w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=62%2C84&quality=50&strip=all 62w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=357%2C480&quality=50&strip=all 357w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=268%2C360&quality=50&strip=all 268w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=186%2C250&quality=50&strip=all 186w” width=”761″ height=”1024″ sizes=”auto, (max-width: 761px) 100vw, 761px”> Incibe. En la imagen, Patricia Alonso GarcÃa.”We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
Microsoft Unveils Storm-0501’s Cloud-Based Ransomware Deployment Tactics
Tags: backup, cloud, cyber, data, encryption, endpoint, exploit, intelligence, malware, microsoft, ransom, ransomware, tactics, threatMicrosoft Threat Intelligence has detailed the evolving tactics of the financially motivated threat actor Storm-0501, which has transitioned from traditional on-premises ransomware deployments to sophisticated cloud-based operations. Unlike conventional ransomware that relies on endpoint encryption malware and subsequent decryption key negotiations, Storm-0501 exploits cloud-native capabilities to exfiltrate massive data volumes, obliterate backups, and enforce ransom…
-
Storm-0501 debuts a brutal hybrid ransomware attack chain
Tags: access, attack, backup, breach, ciso, cloud, data, exploit, least-privilege, microsoft, ransom, ransomware, risk, threat, vulnerabilityA holistic approach to put organizations under pressure: Microsoft’s DiGrippo emphasizes that the unique aspect of this new method is that it leverages hybrid environments that have both on-prem and cloud assets. “They put you in a situation where you’re under a significant amount of pressure because they’ve escalated privileges for themselves on both your…
-
Storm-0501 debuts a brutal hybrid ransomware attack chain
Tags: access, attack, backup, breach, ciso, cloud, data, exploit, least-privilege, microsoft, ransom, ransomware, risk, threat, vulnerabilityA holistic approach to put organizations under pressure: Microsoft’s DiGrippo emphasizes that the unique aspect of this new method is that it leverages hybrid environments that have both on-prem and cloud assets. “They put you in a situation where you’re under a significant amount of pressure because they’ve escalated privileges for themselves on both your…
-
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages.”A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware overlay, which aims to coerce the victim into remitting a ransom payment,” Zimperium zLabs researcher Vishnu Pratapagiri First…
-
Behind the Coinbase breach: Bribery emerges as enterprise threat
Coinbase’s widely praised incident response: Coinbase’s transparency, firm stance against the ransom, quick remediation, and willingness to compensate its customers earned wide praise from cybersecurity professionals.According to Coinbase’s Martin, the hackers resorted to paying help desk workers in India precisely because the company had built such a robust security program. Bribery, according to Martin, was…
-
What is the cost of a data breach?
Tags: access, ai, api, attack, automation, breach, business, ciso, compliance, cyber, cyberattack, cybersecurity, data, data-breach, detection, finance, fraud, healthcare, ibm, identity, incident response, india, infrastructure, insurance, intelligence, jobs, law, metric, privacy, programming, ransom, ransomware, regulation, risk, security-incident, service, skills, software, supply-chain, technology, theft, threat, tool, vulnerabilityCanada ($4.84 million) and the UK ($4.14million) remain in the top 10 hardest hit, with ASEAN or Association of Southeast Asian Nations ($3.67 million), Australia ($2.55 million), and India ($2.51 million) among the top 15. Breaches by industry: Healthcare remains the industry hit with the highest costs per breach by far, at $7.42 million despite…
-
Singapore issues critical alert on Dire Wolf ransomware targeting global tech and manufacturing firms
Tags: attack, authentication, backup, business, compliance, control, credentials, cyber, data, defense, email, endpoint, extortion, insurance, intelligence, leak, malicious, mfa, msp, network, phishing, ransom, ransomware, resilience, risk, supply-chain, threat, updateRipple effects on global enterprises: The global business fallout of Dire Wolf ransomware attacks is significant and poses a multi-layered, high-impact threat to global enterprises.”Its attacks directly disrupt operations and supply chains, particularly in manufacturing and tech, leading to production delays, revenue loss, and downstream customer impact,” said Manish Rawat, analyst at TechInsights. “Financial impact…
-
Operation Secure Saint Paul: Interlock Ransomware Hits City with 43GB Data Leak
Have you heard about Operation Secure Saint Paul? The city of St. Paul, Minnesota, has confirmed the July 25 cyberattack was a ransomware assault carried out by the group Interlock. The hackers claim they posted 43 gigabytes of stolen city data online”, including HR files and even personal items. The city refused to pay ransom…
-
UK’s Colt hit by cyberattack, support systems offline amid ransom threat
Tags: api, attack, china, communications, cve, cyberattack, data, data-breach, exploit, finance, flaw, group, infrastructure, Internet, microsoft, network, programming, ransom, rce, remote-code-execution, russia, service, software, threat, update, vulnerabilitywith samples on a Russian Tor site.”We’ve seen already this year that telecom is particularly vulnerable to attacks, and I think this WarLock attack highlights some recurring issues that telecom and large-scale network service providers are starting to see,” said Gabrielle Hempel, Security Operations Strategist at Exabeam. “There’s this operational ripple effect when you’re a…