Skip to main content

Tag: extortion

115 articles

Scattered Spider gang Exclusive Arrest Exposes Risk

Scattered Spider gang Exclusive Arrest Exposes Risk

U.K. police arrested 17‑year‑old Thalha Jubair after tracing gift‑card purchases back to the same crypto wallets used in Scattered Spider’s alleged $115M extortion campaign. It’s a striking reminder that sloppy opsec and smart crypto forensics can crack sophisticated social‑engineering rings — and that businesses must tighten people‑centric defenses.

Analyst 207
Worn leather armchair sits beside a cracked, glowing computer screen with scattered papers and a broken lock on a dark,…

ransomware gangs Risky Retirement: Exclusive Warning

Fifteen ransomware gangs publicly claimed retirement on BreachForums — dramatic, but experts say it may be more theater than farewell. Don’t relax: rebrands, affiliate migrations and exit scams are common, so keep backups, MFA, segmentation and solid incident‑response readiness.

Analyst 207
Person in hoodie pauses over laptop with ransom demand on screen, face obscured by shadows.

ransomware groups Stunning Pause: Risky Relief Explained

At least 15 notorious ransomware groups have announced they’re going dark, offering a welcome — if uneasy — reprieve. Experts warn it could be a ruse or a regrouping, so use the lull to patch systems, harden identity controls, and test backups.

Analyst 207
Salesforce platforms: Must-Have Critical Security Guide

Salesforce platforms: Must-Have Critical Security Guide

The FBI just flagged active campaigns targeting Salesforce platforms—if you rely on Salesforce for customer data, now’s the time to harden access, rotate tokens, and audit integrations. Take a few simple steps today to prevent data theft, detect suspicious exports, and reduce your risk before attackers strike.

Analyst 207
Faster recovery: Stunning Win Cuts Ransomware Risk

Faster recovery: Stunning Win Cuts Ransomware Risk

Schools are quietly winning the ransomware battle—faster backups, tested recovery plans, and smarter preparation have slashed ransom demands and payments, turning attacks from crisis into manageable disruptions.

Analyst 207
JLR cyberattack: Exclusive Risky Extortion Claim

JLR cyberattack: Exclusive Risky Extortion Claim

Jaguar Land Rover is probing claims by a group calling itself Scattered Spider that it stole data and issued an extortion demand. The incident highlights growing cyber risks for automakers — from customer privacy to vehicle software and supply-chain vulnerabilities.

Analyst 207
ransomware operations: Urgent Must-Have Defense Guide

ransomware operations: Urgent Must-Have Defense Guide

AI-driven extortion has made attacks faster and more personal, but practical steps—MFA and least-privilege access, isolated immutable backups with restore drills, exfiltration detection, and pre-authorized legal and communications playbooks—can blunt the impact today. Act quickly, use AI defensively with human oversight, and engage law enforcement and experienced responders early to prevent escalation.

Analyst 207
AI-powered ransomware: Stunning New Risk Exposed

AI-powered ransomware: Stunning New Risk Exposed

ESET just uncovered PromptLock — the first AI-powered ransomware that runs OpenAI’s gpt-oss:20b locally via Ollama to generate bespoke Lua payloads on the fly. It’s a wake-up call: dynamically generated malware can evade signature-based defenses, so teams must lock down local model hosting, boost runtime monitoring, and update incident playbooks.

Analyst 207
compromised Microsoft Teams account: Stunning Risk Alert

compromised Microsoft Teams account: Stunning Risk Alert

Think your cloud and Teams are safe? Storm‑0501 slipped from on‑prem into Azure, stole sensitive files, and even used a compromised Teams account to extort the victim — a wake‑up call to lock down identities, tighten segmentation, and treat collaboration tools as prime targets.

Analyst 207
AI-powered ransomware: Stunning Dangerous Threat

AI-powered ransomware: Stunning Dangerous Threat

Researchers have uncovered PromptLock, the first known ransomware to use generative AI to craft personalized ransom notes and negotiate with victims—turning a speculative threat into an urgent reality. Its rise shows attackers can automate persuasion, forcing organizations to boost defenses, backups, and incident plans before AI-powered extortion becomes widespread.

Analyst 207
AI-powered ransomware: Exclusive Risky Breakthrough

AI-powered ransomware: Exclusive Risky Breakthrough

Researchers have uncovered PromptLock, a proof‑of‑concept ransomware that uses an open‑weight LLM to draft highly persuasive extortion messages—currently inactive in the wild but a clear warning that AI can amplify attackers’ social‑engineering tactics. Take it as a wake‑up call: patch, back up, segment networks, and sharpen detection before opportunistic criminals turn this experiment into a real threat.

Analyst 207
Hook Android Trojan: Stunning Dangerous Ransomware Threat

Hook Android Trojan: Stunning Dangerous Ransomware Threat

A new Hook Android Trojan variant now combines banking fraud with ransomware-style lockouts, letting attackers both steal credentials and hold phones hostage. Millions of users should tighten app sources, review permissions, and keep backups as defenders scramble to catch up.

Analyst 207
Rapper Bot Exposed: Stunning, Risky DDoS Service

Rapper Bot Exposed: Stunning, Risky DDoS Service

A 22-year-old Oregon man was charged in a sprawling “Rapper Bot” DDoS-for-hire scheme that prosecutors say helped knock Twitter/X offline, exposing how botnets have become a commercialized, high-impact crime. The case spotlights the everyday device vulnerabilities fueling these attacks—and why stronger security and enforcement can’t wait.

Analyst 207
phishing campaign: Stunning Risk to UK Sponsors

phishing campaign: Stunning Risk to UK Sponsors

A slick phishing campaign is targeting Home Office sponsor licence holders, risking fraud, extortion and even licence revocation by stealing the credentials used to manage migrant sponsorships. If you manage a sponsor account, verify any Home Office contact, enable MFA, and treat unexpected emails with extreme caution to protect your organisation and the people you sponsor.

Analyst 207
sextortion scams: Must-Have Best Survival Guide

sextortion scams: Must-Have Best Survival Guide

Most sextortion emails are bluffs—ask where’s the tape? and demand verifiable proof instead of paying. Secure your accounts with unique passwords and 2FA, scan devices, preserve evidence, and report the scam.

Analyst 207
Scattered Spider Stunning Arrests: Risky Networks Crippled

Scattered Spider Stunning Arrests: Risky Networks Crippled

UK police have arrested four people tied to the notorious Scattered Spider ransomware group, a major win in protecting businesses and customers from costly data theft and extortion. Experts warn, though, that arrests are only the beginning of a longer fight to shore up security and rebuild trust.

Analyst 207
Ex-Soldier Pleads Guilty to Extortion After Treason Search

Ex-Soldier Pleads Guilty to Extortion After Treason Search

A former Army soldier’s daring hack into telecom giants exposes the fine line between cybercrime and national security, raising chilling questions about loyalty, treason, and the power of insider threats.

Analyst 207
Ingram Micro Operations Disrupted by Ransomware Attack

Ingram Micro Operations Disrupted by Ransomware Attack

Ingram Micro faces significant operational disruption following a ransomware attack, impacting services and supply chains globally.

Analyst 207
Qantas Faces Extortion Following Recent Data Theft Cyberattack

Qantas Faces Extortion Following Recent Data Theft Cyberattack

Qantas is under threat of extortion after a recent cyberattack resulted in significant data theft, raising concerns about security and customer privacy.

Analyst 207
Ransomware: Hunters International Transitions to a New Brand Identity

Ransomware: Hunters International Transitions to a New Brand Identity

Ransomware: Hunters International unveils a bold new brand identity, reflecting its commitment to combating cyber threats and enhancing security solutions.

Analyst 207
Hunters International ransomware shuts down, releases free decryptors

Hunters International ransomware shuts down, releases free decryptors

Hunters International ransomware halts operations and offers free decryptors, aiding victims in recovering their data without paying a ransom.

Analyst 207
Ransomware crew Hunters International shuts down, hands out keys to victims

Ransomware crew Hunters International shuts down, hands out keys to victims

Ransomware group Hunters International has shut down operations and is distributing decryption keys to victims, offering relief from their attacks.

Analyst 207
DOJ Probes Former Ransomware Negotiator for Alleged Extortion Kickbacks

DOJ Probes Former Ransomware Negotiator for Alleged Extortion Kickbacks

DOJ investigates a former ransomware negotiator for alleged extortion kickbacks, raising concerns over ethics and integrity in cybersecurity practices.

Analyst 207
UK Ransom Payments Surge as Victims Lag Behind Global Counterparts

UK Ransom Payments Surge as Victims Lag Behind Global Counterparts

UK ransom payments soar as victims struggle to keep pace with global trends, highlighting increasing cybersecurity challenges and vulnerabilities.

Analyst 207