Clop ransomware gang is back, hits 21 victims in a single month
After effectively shutting down their entire operation for several months, between November and February, the Clop ransomware is now back according to NCC Group researchers. [...]
The Victims tag covers people and organizations harmed by cyberattacks, including breaches, scams, malware, identity theft, and data exposure.
Search across headline titles and summaries.
Background for this topic.
Victims are people, organizations, or public bodies that suffer harm from cyber-enabled activity, such as account compromise, fraud, unauthorized data access, malware, or service disruption. The term may describe both the directly compromised party and individuals whose information, devices, or accounts are affected through an incident involving another organization.
For security practitioners, victim impact guides triage and response: identify affected systems and data, contain access, preserve evidence, and restore trustworthy operations. Exposed personal or confidential information can create privacy and notification obligations, while compromised credentials or devices may enable further attacks against the victim or its contacts. Recording victim details in threat intelligence—such as the targeted sector, initial access method, and affected assets—can help identify campaigns and improve controls. Clear communication and support also matter, because victims need accurate guidance on credential resets, account monitoring, fraud reporting, and available remediation.
After effectively shutting down their entire operation for several months, between November and February, the Clop ransomware is now back according to NCC Group researchers. [...]
And that's a bit odd, says Red Canary A strain of Windows uses PowerShell to add a malicious extension to a victim's Chrome browser for nefarious purposes. A macOS variant exists that uses Bash to achieve the same and also targets Safari.…
Another day, another DDoS attack that tries to scare the victim into paying up with mention of dreaded gang Akamai has spoken of a distributed denial of service (DDoS) assault against one of its customers during which the attackers astonishingly claimed to be associated with REvil, the notorious ransomware-as-a-service gang.…
Shut up and take ... poor kids to KFC? In what is either a creepy, weird spin on Robin Hood or something from a Black Mirror episode, we're told a ransomware gang is encrypting data and then forcing each victim to perform three good deeds before they can download a decryption tool.…
The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victim's devices. [...]
A malvertising threat is witnessing a new surge in activity since its emergence earlier this year
A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force
Malicious actors can gain unauthorized access to users' online accounts via a new technique called "account pre-hijacking," new research has found
In detail: Ocean's Eleven-grade ruse in which victims' profiles are rigged from the start Two security researchers have identified five related techniques for hijacking internet accounts by preparing them to be commandeered in advance.…
Popular video conferencing service Zoom has resolved as many as four security vulnerabilities, which could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages and execute malicious code
Google Project Zero blows lid off bug involving that old chestnut: XML parsing Zoom has fixed a security flaw in its video-conferencing software that a miscreant could exploit with chat messages to potentially execute malicious code on a victim's device.…
Let's face it: we all use email, and we all use passwords. Passwords create inherent vulnerability in the system. The success rate of phishing attacks is skyrocketing, and opportunities for the attack have greatly multiplied as lives moved online. All it takes is one password to be compromised for all other users to become victims of a data breach. To deliver additional security, therefore,
Crafty file names, encrypted malicious code, Office flaws – ah, it's like the Before Times HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.…
US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed customer information and allowed hackers to redeem rewards points for gift cards. [...]
US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed customer information and allowed hackers to redeem rewards points for gift cards. [...]
Scammers are now leveraging dating apps like Tinder and Grindr to pose themselves as former victims of physical abuse to gain your trust and sympathy and sell you "ID verification" services. BleepingComputer came across multiple instances of users on online dating apps being approached by these catfishing profiles. [...]
Yet another data-extortion cybercrime operation has appeared on the darknet named 'RansomHouse' where threat actors publish evidence of stolen files and leak data of organizations that refuse to make a ransom payment. [...]
A security researcher disclosed details of a clickjacking attack demonstrated against PayPal that could be exploited to steal victims' account balances in a single click