Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

76 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 76 Filtered view

A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from various ransomware-as-a-service (RaaS) schemes like LockBit (aka Tenacious Mantis), Qilin (aka Pestilent Mantis), and Medusa (aka Venomous Mantis)

A 5-year study on the Ransomware Economy found that 30,515 exposed databases were hit by ransom attacks, causing massive damage despite victims never paying. Database extortion doesn’t look like the ransomware stories that usually grab headlines. There’s no slick branding, no leak-site countdown, no gang posting memes on Telegram. In most cases, there’s just a […]

An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021.

New ransomware of choice, same critical targets North Korea’s Lazarus Group appears to have added another tool to its kit. It has begun using Medusa ransomware in extortion attacks targeting at least one US healthcare organization and an unnamed victim in the Middle East, according to Symantec and Carbon Black threat hunters.…

Stealthy Group Taps Blockchain 'EtherHiding' to Facilitate Victim CommunicationsThe DeadLock ransomware group, a newly emerged digital extortion group, is using blockchain smart contracts to store proxy server addresses for facilitating ransomware negotiations with victim organizations. The technique suggests the group is made up of experienced cybercriminals.

Criminals Claim Leak of Customer Data From Six Victims, Including Qantas AirlinesA ransomware group that's been extorting Salesforce customers leaked some stolen data, following the FBI disrupting its shakedown sites. ShinyHunters, part of the rebranded Scattered Lapsus$ Hunters group, after leaking data from six victims, declared its Salesforce customer shakedown over.

Bank Info Security 9 months, 2 weeks ago

Ransomware Group Debuts Salesforce Customer Data Leak Site

Scattered Lapsus$ Hunters Claims 1 Billion Stolen Records, Pressures Victims to PayContinuing its ongoing extortion of Salesforce customers, the Scattered Lapsus$ Hunters ransomware operation has launched a data leak site, claiming to have stolen 1 billion records from hundreds of organizations that integrated Salesforce with the Salesloft Drift AI chatbot.

AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates It's no secret that AI tools make it easier for cybercriminals to steal sensitive data and then extort victim organizations. But two recent developments illustrate exactly how much LLMs lower the bar for ransomware and other financially motivated cybercrime — and provide a glimpse to defenders about what's on the horizon.…

Move Raises Possibility Group Isn't Just Marketing Its Malware to CriminalsUp-and-coming ransomware group Anubis has tweaked its malware to irrevocably wipe victims' data - an unusual tactic from hackers whose typical corrupt bargain is restored data in exchange for extortion money. Why would a ransomware attacker seeking leverage in negotiations ever do this?

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management (RMM) instances to compromise customers of an unnamed utility billing software provider

Bank Info Security 1 year, 3 months ago

Ransomware Underground Faces Declining Relevance

Rising Attacks Masks Lowering Profits, Attention Economy CompetitionRansomware groups' collective power to command victims' attention and compel extortion is waning, notwithstanding the disruption and chaos that continues to be their hallmark. The criminal underground powering ransomware is a world in flux where old, established groups are giving way to new brands.

Loading more headlines...