Discord Reveals Data Breach Following Third-Party Compromise
Discord said a third-party customer services provider was compromised to access user data, with the attackers aiming to extort a financial ransom
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Discord said a third-party customer services provider was compromised to access user data, with the attackers aiming to extort a financial ransom
Don't let it happen to you Storm-0501, a financially motivated cybercrime crew, recently broke into a large enterprise's on-premises and cloud environments, ultimately exfiltrating and destroying data within the org's Azure environment. The criminals then contacted the victim via a Microsoft Teams account that they'd also compromised in the attack, demanding a ransom payment for the stolen files.…
Firm Admits Paying Ransom in Exchange of Hacker's Promise to Delete Stolen InfoTwo Florida-based law firms with offices in other states are notifying 282,100 people whose healthcare and other information was potentially compromised in separate data theft incidents. One of the firms admitted to paying a ransom to prevent its data from being leaked on the dark web.
The letters mimic typical ransom notes and threaten to delete or leak compromised data if payments aren't made, though none of the organizations that received them had active ransomware attacks.
Threat Actor 'Codefinger' Targets Cloud EnvironmentsA ransomware group is targeting Amazon S3 buckets, exploiting the data stored there using AWS’s server-side encryption with customer keys and demanding a ransom in exchange for the encryption key needed to unlock the data. The group uses compromised or publicly exposed AWS account credentials.
'Codefinger' crims on the hunt for compromised keys A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ransom payment for the symmetric AES-256 keys required to decrypt it.…
Oklahoma Integris Health Facing Multiple Lawsuits in 2023 BreachAn Oklahoma-based healthcare system is notifying 2.4 million individuals that their sensitive information was potentially compromised in an exfiltration incident last year. Cybercriminals have been attempting to extort ransom payments directly from some of those affected patients - including kids.
Still no word on how the intruders broke in or the full extent of any possible data compromise Global securities finance tech company EquiLend's systems are now back online after announcing a disruptive ransomware attack nearly two weeks ago.…
Internet plod highlight tactics used by cruel Karakurt crime gang Karakurt, a particularly nasty extortion gang that uses "extensive harassment" to pressure victims into handing over millions of dollars in ransom payments after compromising their IT infrastructure, pose a "significant challenge" for network defenders, we're told.…
Threat actor exploited known vulnerabilities in the Microsoft software to compromise multiple systems An affiliate of the aggressive Hive ransomware group is exploiting known vulnerabilities in Microsoft Exchange servers to encrypt and exfiltrate data and threaten to publicly disclose the information if the ransom isn't paid.…