Tag: extortion
115 articles

Engineer Pleads Guilty to Ransomware Extortion Plot Targeting Industrial Firm
A former infrastructure engineer has pleaded guilty to a ransomware extortion plot that targeted his own employer, an industrial firm in New Jersey, by locking administrators out of 254 servers. This shocking breach of trust highlights the devastating consequences of insider threats in the digital age.

Meet Rey: Exclusive Profile of Controversial Admin
Meet Rey—the pseudonymous face of Scattered LAPSUS$ Hunters—who unexpectedly lifted his veil after KrebsOnSecurity traced him to his father and secured an interview. That admission could shatter the groups anonymity and change the game for investigators, rivals and recruits.

Rey Exclusive: Inside the Best Scattered Lapsus$ Admin
When a reporter called his father and unmasked Rey, the public face of Scattered LAPSUS$ Hunters, it upended a group built on anonymity and exposed how social‑engineering, account takeovers and micropaid crowds power a new, scalable extortion playbook. The fallout forces a rare reckoning about motive, accountability—and the practical fixes defenders and regulators can’t ignore.

Google Maps Launches Exclusive Effortless Tool vs Extortion
When a one-star review reads like a ransom note, Google Maps is giving small businesses a direct line to fight back. The new dedicated form makes reporting review bombing and extortion attempts effortless, helping protect reputations and revenue.

Scattered Spider Exclusive: Dangerous Unified Collective
Imagine low‑tech social engineering and SIM swaps teaming up with mass data brokers — that’s Scattered Spider, ShinyHunters and LAPSUS$ fusing tactics to turn bulk theft into pinpoint extortion. Security teams and cloud customers now face a hybrid, high‑leverage threat targeting SaaS platforms like Salesforce.

Scattered Lapsus$ Hunters: Exclusive Alarming Tactic Shift
Scattered Lapsus$ Hunters are reportedly swapping big-data breaches for micropaid crowdsourcing: tiny Bitcoin bounties to many contributors to flood executives with calls, DMs and mentions. Its a cheap, scalable harassment‑for‑hire tactic that blurs into extortion and could leave platforms and regulators flat-footed.

ShinyHunters extortion: Stunning Risky Corporate Threat
Imagine waking up to find your company’s secrets posted online unless you pay up — that’s the stark reality dozens of firms now face after ShinyHunters launched a brazen public extortion site. This escalation — tied to prior Salesforce, Discord, and Red Hat breaches — raises the stakes for stronger security, faster incident response, and clearer vendor transparency.

ShinyHunters Exclusive: Dangerous Corporate Extortion
ShinyHunters has escalated from voice‑phishing to a public extortion site threatening to dump data from dozens of Fortune 500 companies. That shift puts customers and companies at risk and makes strengthening human‑centric defenses and zero‑trust controls urgently necessary.

Scattered Spider Shocking $115M Ransom Scandal
How did a 19‑year‑old become the alleged face of a criminal group accused of extracting $115 million in ransoms? U.S. prosecutors say Thalha Jubair and a co‑conspirator tied to Scattered Spider used social engineering and stolen credentials to hit hospitals, transit and retailers—proof that stronger defenses and international cooperation are now essential.

ransomware payments: Stunning Risky Surge to $3.6M
Ransomware payments jumped 44% to an average $3.6M in 2025 as attackers shift to fewer, higher-value strikes—forcing organizations to weigh grim pragmatism against costly downtime, data leaks, and regulatory fallout.

email bomb campaigns: Exclusive Dangerous Zendesk Flaw
Imagine waking to hundreds of threatening emails that look like they came from companies you trust — attackers abused weak outbound authentication in Zendesk to launch hard-to-block email bomb campaigns, a wake-up call for vendors and customers to tighten SPF/DKIM/DMARC and stronger default protections now.

Scattered Lapsus$ Hunters: Exclusive Risky Hiatus
After the FBI seized their site, teenage collective Scattered Lapsus$ Hunters vowed to go dark until 2026 — a defiant restart in a familiar retire-regroup-return cycle. Whether they stick to it or not, defenders should treat the pause as a chance to patch vulnerabilities, rotate credentials and strengthen defenses.

BreachForums Stunning Win: Risky Yet Crucial Takedown
U.S. and French authorities have shut down the latest BreachForums marketplace, a welcome blow to a forum that trafficked stolen data and coordinated extortion. But while the takedown disrupts criminals and helps victims, the real test is whether arrests and sustained action can stop cybercriminals from just reappearing elsewhere.

extortion attempt: Exclusive Risky Refusal Shakes Trust
When an extortionist claimed nearly a billion Salesforce records were stolen, the company made a bold choice: no negotiation, no payment. That stance forces customers and the industry to balance short-term harm against the long-term need to deter cybercrime.

Scattered Lapsus$ Hunters: Risky Stunning Extortion
Believe it or not, a loose group offering just $10 in Bitcoin is recruiting crowds to harass executives — a novel, low-cost form of extortion that trades big payouts for mass nuisance and could be dangerously scalable.

Radiant Group: Stunning, Dangerous Shift to Hospitals
Radiant Group has quietly shifted from attacking day-care centers to targeting hospitals, a chilling move that trades public outrage for far greater leverage over life-or-death systems. That pivot raises urgent questions about patient safety, exposed health records, and how we prioritize cyber defense for our most vulnerable institutions.

Oracle E-Business Suite Exclusive Patch: Risky Threat
Oracle just pushed an emergency patch for a 9.8-rated zero‑day in E‑Business Suite that Clop has already exploited to steal data and extort victims — if you run EBS, patch now and hunt for signs of compromise. This high‑severity, out‑of‑cycle fix shows how one flaw in widely used enterprise software can force organizations into urgent, risky choices between patching and business continuity.

Oracle E-Business Suite Critical Patch: Must-Have Fix
Oracle’s July patch closes the immediate Clop-linked weakness in E-Business Suite portals — but with thousands of internet-facing, heavily customized EBS installs still at risk, organizations need to patch, isolate access, and harden defenses now to avoid extortion.

Extortion Emails: Stunningly Risky Executive Threats
Executives are getting chilling extortion emails allegedly tied to Clop and FIN11, forcing companies to choose between secrecy, compliance, and decisive response. Now’s the time to tighten defenses, test your incident plan, and treat extortion risk as a board-level business priority.

Clop ransomware: Exclusive Risky Extortion Alert
Extortion emails claiming stolen Oracle E‑Business Suite data are rattling execs — but Google and Mandiant say they’ve found no proof, leaving companies stuck between precaution and panic. The result: tough choices about trust, disclosure and whether to pay up for silence when the evidence is murky.

LockBit ransomware Stunning Deadly New Variant
LockBit’s latest variant is faster, stealthier and can run on multiple operating systems, meaning ransomware risk now extends well beyond traditional Windows targets. Act now—strengthen segmentation, offline backups, MFA and timely patching to blunt its impact.

Scattered Spider Exclusive: Devastating $115M Ransom Ring
Imagine the lights going out at your local hospital or your commute being held hostage — a new U.S. indictment alleges 19‑year‑old Thalha Jubair is a core member of Scattered Spider tied to at least $115 million in ransoms that hit hospitals, transit and retailers. The case shows how low‑tech tricks like SIM swaps and social engineering let agile, global criminal crews cause massive, real‑world harm.

deepfake attack: Must-Have Best Defense Guide
When familiar voices and faces can be perfectly faked, trust — and your business — is suddenly vulnerable. With Gartner reporting 62% of organizations hit by a deepfake attack in the past year, now’s the time to tighten verification, train teams, and plan responses before reputations and finances are damaged.

ransomware groups: Stunning, Dangerous Threat to Museums
When ransomware knocked a French museum offline and thieves made off with $705,000 in gold, it became painfully clear that cyberattacks can enable real‑world heists — a wake‑up call for museums and small institutions to protect both their networks and their treasures.