extortion (8)

12992518683?profile=RESIZE_400xAn extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022, according to Cisco Talos, which recently discovered a "substantial" Windows credential data dump that sheds light on the criminal and their victims.  The miscreant, whom Talos calls "PaidMemes," uses a recent MedusaLocker variant called "BabyLockerKZ," and inserts the words "paid_memes" into the malware plus other tools used during the attacks.

Recent research

12761979853?profile=RESIZE_400xThe government of Columbus, Ohio said it is aware of claims made by a ransomware gang that troves of sensitive city information are available for sale.  The Rhysida ransomware group took credit on Wednesday for the 18 July, threatening to leak 6.5 terabytes of exfiltrated information from the city’s systems allegedly containing emergency services data, access to city cameras and more.

A city spokesperson said late last week they are aware of the matter but could not comment, adding that the situ

12144609461?profile=RESIZE_400xBritish prosecutors say teen Lapsus$ member was behind hacks on Uber, Rockstar.  Earlier this week a British Crown Court lifted a reporting restriction, allowing the naming of a teenager who is accused of hacking Uber, Revolut, and video game developer Rockstar Games in a short period of time last September.  The teen, who is now 18, has been deemed not fit to stand trial by medical professionals.  The jury will decide whether he is liable for the hacking incidents rather than guilty of them.[1]

11128908088?profile=RESIZE_400xBianLian is a ransomware developer, deployer, and data extortion cybercriminal group who has targeted organizations in multiple US critical infrastructure sectors since June 2022.  They have also targeted Australian critical infrastructure sectors in addition to professional services and property development. The group gains access to victim systems through valid Remote Desktop Protocol (RDP) credentials, use open-source tools and command-line scripting for discovery and credential harvesting, a

10599094693?profile=RESIZE_400xIt has been reported that cyber criminals are sending out millions of phishing emails a day, using extortion and other schemes to steal Bitcoin and other cryptocurrencies from victims.  The phishing attacks use a variety of techniques to trick people into transferring sums of Bitcoin, including phony requests for charity donations and Business Email Compromise BEC scams.

See:  https://redskyalliance.org/xindustry/what-the-heck-is-bec

According to a report by cybersecurity researchers at Proofpoi

8127316299?profile=RESIZE_400xThe Maze cybercrime gang, which revolutionized the ransomware business by adding an extortion element to each attack, has issued a statement saying it has hung up its spikes and will retire, at least temporarily.  Can you believe anything a ransomware group says?  Maze posted a "retirement" notice to its darknet site on Nov. 1 saying: "This project is now closed." The word "project" appears to be a reference to the ransomware gang stating in the note that its attacks were intended to teach its v

Below is the Executive Summary regarding the recent email bomb threats sent internationally.  Our good friends from Global Guardian shared their threat assessment for situational awareness.

Summary - On 13 December 2018, hundreds of businesses, law enforcement agencies and public services across the United States and Canada received email threats demanding a bitcoin payment of $20,000 in the early afternoon, prompting evacuations, building sweeps and overloading police call centers. What’s more,

Red Sky Alliance (RSAC) members have reported seeing and, or receiving fake sextortion scams.  These scam emails typically provide old password that was used by the user.  These emails are an attempt to extort money, claiming the sender has compromising information indicating the user was involved in viewing pornographic sites.  The sender claims to have compromising video recordings of the user and alleges to have additional “stolen secrets” of a compromising sexual nature.  An RSAC member in t