S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]
Latest episode – listen and read now! Use our advice to advise your own friends and family… let’s all do our bit to stand up to scammers!
Continue ReadingCategory: extortion
FTC warns of LGBTQ+ extortion scams – be aware before you share!
It’s a simple jingle and it’s solid advice: “If in doubt, don’t give it out!”
Continue ReadingConti effectively created an extortion-oriented IT company, says Group-IB
In slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB’s noted in its latest report detailing the workings of one of the most prolific ransomware / extortion gangs out there. In two years, the ransomware operators attacked more than 850 […]
Continue ReadingWhich stolen data are ransomware gangs most likely to disclose?
If your organization gets hit by a ransomware gang that has also managed to steal company data before hitting the “encrypt” button, which types of data are more likely to end up being disclosed as you debate internally on whether you should pay the ransomware gang off? Rapid7 analysts analyzed 161 data disclosures performed by […]
Continue ReadingRansomware gang publishes stolen victim data on the public Internet
The Alphv (aka BlackCat) ransomware group is trying out a new tactic to push companies to pay for their post-breach silence: a clearnet (public Internet) website with sensitive data about the employees and customers stolen from a victim organization. Alphv has created a @haveibeenpwned-like site on the clearnet where the employees and customers of a […]
Continue ReadingRansomware attacks setting new records
Zscaler released the findings of its annual ThreatLabz Ransomware Report, which revealed an 80 percent increase in ransomware attacks year-over-year. In 2022, the most prevalent ransomware trends include double-extortion, supply chain attacks, ransomware-as-a-service, ransomware rebranding, and geo-political incited ransomware attacks. The report details which industries are being targeted the most by cybercriminals, explains the damage […]
Continue ReadingRansomHouse: Bug bounty hunters gone rogue?
A new cybercrime outfit that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their data, and offering to delete it and provide a full report on how and what vulnerabilities were exploited in the process – all for a fee, of course. […]
Continue ReadingTaking the right approach to data extortion
Cybercriminals often specialize. An extortion effort usually begins with a person or a team selecting targets in one of two ways: either they get a request from an extortionist or they just find their own victim to sell access to. Attackers pick victims who are likely to result in a good payout, and those are […]
Continue ReadingMicrosoft and Okta comfirm, detail impact of Lapsus$ gang’s attacks
Recent claims by the cyber extortion gang have been validated by Okta and Microsoft: Lapsus$ have managed to get their hands on some of Microsoft’s source code and have gained access to the laptop of a support engineer working for a third-party contractor for Okta, allowing them to potentially impact approximately 2.5% of the company’s […]
Continue ReadingLapsus$ gang says it has breached Okta and Microsoft
After breaching NVIDIA and Samsung and stealing and leaking those companies’ propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta. Lapsus$ gang’s claims If Lapsus$’s assertions prove to be true, this (previously) relatively unknown hacking group has quickly become another threat actor that big corporations have to worry […]
Continue Reading