Tag: extortion

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/sonicwall-secure-mobile-access-exploitation-overstep-backdoor/ Source: Cloud Blog Title: Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor Feedly Summary: Written by: Josh Goddard, Zander Work, Dimiter Andonov Introduction Google Threat Intelligence Group (GTIG) has identified an ongoing campaign by a suspected financially-motivated threat actor we track as UNC6148, targeting fully patched end-of-life SonicWall…

The Register: Crims hijacking fully patched SonicWall VPNs to deploy stealthy backdoor and rootkit

Jul 16, 2025

—

by

Source URL: https://www.theregister.com/2025/07/16/sonicwall_vpn_hijack/ Source: The Register Title: Crims hijacking fully patched SonicWall VPNs to deploy stealthy backdoor and rootkit Feedly Summary: Someone’s OVERSTEPing the mark Unknown miscreants are exploiting fully patched, end-of-life SonicWall VPNs to deploy a previously unknown backdoor and rootkit, likely for data theft and extortion, according to Google’s Threat Intelligence Group.… AI…

Krebs on Security: UK Charges Four in ‘Scattered Spider’ Ransom Group

Jul 10, 2025

—

by

Source URL: https://krebsonsecurity.com/2025/07/uk-charges-four-in-scattered-spider-ransom-group/ Source: Krebs on Security Title: UK Charges Four in ‘Scattered Spider’ Ransom Group Feedly Summary: Authorities in the United Kingdom this week arrested four alleged members of “Scattered Spider," a prolific data theft and extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer. AI Summary and…

CSA: ESXi Ransomware: Protect Virtual Infrastructure

Jun 25, 2025

—

by

Source URL: https://cloudsecurityalliance.org/articles/esxi-ransomware-the-growing-threat-to-virtualized-environments Source: CSA Title: ESXi Ransomware: Protect Virtual Infrastructure Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the emerging trend of ransomware attacks specifically targeting ESXi hypervisor environments, underscoring the urgent need for specialized security measures to protect virtual infrastructures. It outlines the evolution of ransomware tactics, the anatomy of…

Cloud Blog: Cloud CISO Perspectives: How Google secures AI Agents

Jun 12, 2025

—

by

Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-how-google-secures-ai-agents/ Source: Cloud Blog Title: Cloud CISO Perspectives: How Google secures AI Agents Feedly Summary: Welcome to the first Cloud CISO Perspectives for June 2025. Today, Anton Chuvakin, security advisor for Google Cloud’s Office of the CISO, discusses a new Google report on securing AI agents, and the new security paradigm they demand.As…

The Register: Play ransomware crims exploit SimpleHelp flaw in double-extortion schemes

—

by

Source URL: https://www.theregister.com/2025/06/04/play_ransomware_infects_900_victims/ Source: The Register Title: Play ransomware crims exploit SimpleHelp flaw in double-extortion schemes Feedly Summary: Recompiled binaries and phone threats used to boost the pressure Groups linked with the Play ransomware have exploited more than 900 organizations, the FBI said Wednesday, and have developed a number of new techniques in their double-extortion…

Slashdot: Fake IT Support Calls Hit 20 Orgs, End in Stolen Salesforce Data and Extortion, Google Warns

—

by

Source URL: https://it.slashdot.org/story/25/06/04/1654250/fake-it-support-calls-hit-20-orgs-end-in-stolen-salesforce-data-and-extortion-google-warns?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Fake IT Support Calls Hit 20 Orgs, End in Stolen Salesforce Data and Extortion, Google Warns Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a cybersecurity incident involving a group of financially motivated scammers, known as UNC6040, who executed voice-phishing attacks to manipulate employees into installing…

The Register: Fake IT support calls hit 20 orgs, end in stolen Salesforce data and extortion, Google warns

—

by

Source URL: https://www.theregister.com/2025/06/04/fake_it_support_calls_hit/ Source: The Register Title: Fake IT support calls hit 20 orgs, end in stolen Salesforce data and extortion, Google warns Feedly Summary: Victims include hospitality, retail and education sectors A group of financially motivated cyberscammers who specialize in Scattered-Spider-like fake IT support phone calls managed to trick employees at about 20 organizations…

Cloud Blog: Hello, Operator? A Technical Analysis of Vishing Threats

—

by