The Week in Ransomware - July 28th 2023 - New extortion tactics
With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims. [...]
The Victims tag covers people and organizations harmed by cyberattacks, including breaches, scams, malware, identity theft, and data exposure.
Search across headline titles and summaries.
Background for this topic.
Victims are people, organizations, or public bodies that suffer harm from cyber-enabled activity, such as account compromise, fraud, unauthorized data access, malware, or service disruption. The term may describe both the directly compromised party and individuals whose information, devices, or accounts are affected through an incident involving another organization.
For security practitioners, victim impact guides triage and response: identify affected systems and data, contain access, preserve evidence, and restore trustworthy operations. Exposed personal or confidential information can create privacy and notification obligations, while compromised credentials or devices may enable further attacks against the victim or its contacts. Recording victim details in threat intelligence—such as the targeted sector, initial access method, and affected assets—can help identify campaigns and improve controls. Clear communication and support also matter, because victims need accurate guidance on credential resets, account monitoring, fraud reporting, and available remediation.
With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims. [...]
US government services firm is latest to reveal compromise
Maximus plus Deloitte and Chuck E. Cheese join 500+ victim orgs Accounting giant Deloitte, pizza and birthday party chain Chuck E. Cheese, government contractor Maximus, and the Hallmark Channel are among the latest victims that the Russian ransomware crew Clop claims to have compromised via the MOVEit vulnerability.…
Third of Big 4 accountants get trampled by Clop, KPMG may be nervous Accounting giant Deloitte, pizza and birthday party chain Chuck E. Cheese, government contractor Maximus, and the Hallmark Channel are among the latest victims that the Russian ransomware crew Clop claims to have breached using the MOVEit file transfer hack.…
Likelihood of a firm falling victim to a VEC attack rose from 45% in June 2022 to 70% in May 2023
A deeper analysis of a recently discovered malware called Decoy Dog has revealed that it's a significant upgrade over the Pupy RAT, an open-source remote access trojan it's modeled on
Tax-paying individuals in Mexico and Chile have been targeted by a Mexico-based cybercrime group that goes by the name Fenix to breach targeted networks and steal valuable data
Extortionists know their targets have low tolerance for outages
The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their victims to pay a ransom by providing an API for their leak site to increase visibility for their attacks. [...]
The impact of fraud on a victim's health and well-being can be more painful than the financial loss.
Coveware claims small number of victims paid very high ransoms
Cybersecurity researchers said they have discovered what they say is the first open-source software supply chain attacks specifically targeting the banking sector
The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom. [...]