Security news aggregator

Latest coverage for Victims

The Victims tag covers people and organizations harmed by cyberattacks, including breaches, scams, malware, identity theft, and data exposure.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Victims are people, organizations, or public bodies that suffer harm from cyber-enabled activity, such as account compromise, fraud, unauthorized data access, malware, or service disruption. The term may describe both the directly compromised party and individuals whose information, devices, or accounts are affected through an incident involving another organization.

For security practitioners, victim impact guides triage and response: identify affected systems and data, contain access, preserve evidence, and restore trustworthy operations. Exposed personal or confidential information can create privacy and notification obligations, while compromised credentials or devices may enable further attacks against the victim or its contacts. Recording victim details in threat intelligence—such as the targeted sector, initial access method, and affected assets—can help identify campaigns and improve controls. Clear communication and support also matter, because victims need accurate guidance on credential resets, account monitoring, fraud reporting, and available remediation.

Showing 12 most recent headlines Filtered view

Some custom malware, some legit software tools At least a dozen ransomware gangs have incorporated kernel-level EDR killers into their malware arsenal, allowing them to bypass almost every major endpoint security tool on the market, escalate privileges, and ultimately steal and encrypt data before extorting victims into paying a ransom.…

Experts Warn of Expanding Intersection of Digital and Physical Threats to VictimsFederal prosecutors have charged a New York man with criminal cyberstalking the widow of murdered UnitedHealthCare CEO Brian Thompson. Experts say the case spotlights the ongoing convergence of physical violence and digital threats facing executives, their families and others.

Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil

$2,700 Is the Average Price for Initial Access to a Victim, Plus PrivilegesWhy hack, when hackers are willing to sell guaranteed access to breached networks? More and more cybercrooks agree they'd rather outsource than bother with the tedium of actual network penetration, leading to a flourishing initial access market.

$150 Million Stolen From Victims and Laundered, Allege Federal ProsecutorsFour Ghanian nationals have been charged with stealing more than $100 million by perpetrating romance scams and business email compromises against U.S. organizations, as well as laundering the stolen proceeds. Three of the suspects have been extradited to the United States to stand trial.

Extortionists Detail Fresh Victims, Although Sensitivity of Stolen Data UnclearExtortionists tied to the Scattered Spider and ShinyHunters hacking collectives have begun naming victims and leaking data via a new, dedicated Telegram channel. Many of the breaches appear to trace to social engineering attacks that gained attackers access to a victim's Salesforce instance.