S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]
Latest episode – listen and read now! Use our advice to advise your own friends and family… let’s all do our bit to stand up to scammers!
Continue ReadingInformation Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
Latest episode – listen and read now! Use our advice to advise your own friends and family… let’s all do our bit to stand up to scammers!
Continue ReadingIt’s a simple jingle and it’s solid advice: “If in doubt, don’t give it out!”
Continue ReadingIn slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB’s noted in its latest report detailing the workings of one of the most prolific ransomware / extortion gangs out there. In two years, the ransomware operators attacked more than 850 […]
Continue ReadingIf your organization gets hit by a ransomware gang that has also managed to steal company data before hitting the “encrypt” button, which types of data are more likely to end up being disclosed as you debate internally on whether you should pay the ransomware gang off? Rapid7 analysts analyzed 161 data disclosures performed by […]
Continue ReadingThe Alphv (aka BlackCat) ransomware group is trying out a new tactic to push companies to pay for their post-breach silence: a clearnet (public Internet) website with sensitive data about the employees and customers stolen from a victim organization. Alphv has created a @haveibeenpwned-like site on the clearnet where the employees and customers of a […]
Continue ReadingZscaler released the findings of its annual ThreatLabz Ransomware Report, which revealed an 80 percent increase in ransomware attacks year-over-year. In 2022, the most prevalent ransomware trends include double-extortion, supply chain attacks, ransomware-as-a-service, ransomware rebranding, and geo-political incited ransomware attacks. The report details which industries are being targeted the most by cybercriminals, explains the damage […]
Continue ReadingA new cybercrime outfit that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their data, and offering to delete it and provide a full report on how and what vulnerabilities were exploited in the process – all for a fee, of course. […]
Continue ReadingCybercriminals often specialize. An extortion effort usually begins with a person or a team selecting targets in one of two ways: either they get a request from an extortionist or they just find their own victim to sell access to. Attackers pick victims who are likely to result in a good payout, and those are […]
Continue ReadingRecent claims by the cyber extortion gang have been validated by Okta and Microsoft: Lapsus$ have managed to get their hands on some of Microsoft’s source code and have gained access to the laptop of a support engineer working for a third-party contractor for Okta, allowing them to potentially impact approximately 2.5% of the company’s […]
Continue ReadingAfter breaching NVIDIA and Samsung and stealing and leaking those companies’ propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta. Lapsus$ gang’s claims If Lapsus$’s assertions prove to be true, this (previously) relatively unknown hacking group has quickly become another threat actor that big corporations have to worry […]
Continue Reading