November 30, 2025
Dark Light
Search

Blog Post

Cyber Intelligence > extortion
Editorial Team
cybercrime News ransomware
0
18

New ransomware threat emerges in 2025

A new and unusually dangerous and sophisticated gang of cybercriminals, named BlackLock, has emerged as a major ransomware threat in 2025.

Cybersecurity company Reliaquest observed a staggering 1,425 percent increase in the gang’s activities in the last quarter of 2024. Its ransomware is built to target Windows, VMWare ESXi, and Linux environments and is designed as a double-extortion attack, which involves not only locking the target organization’s critical data by encrypting it, but also by identifying sensitive information and threatening to expose it.

“BlackLock’s rise has been both swift and strategic, targeting organizations across a wide range of sectors and geographies,” reports Reliaquest.

Read More
Editorial Team
Healthcare News ransomware
0
16

‘Hellcat’ is new breed of cybercriminal

A ransomware gang, Hellcat, that emerged in 2024 is being seen as representative of a new type of threat actor using off-the-shelf malware and innovative extortion techniques.

According to cybersecurity company Cato Networks: “Hellcat’s emergence in 2024 marks a troubling shift in the landscape of cybercrime. By leveraging a ransomware-as-a-service (RaaS) model and utilizing double extortion tactics, Hellcat has not only increased the accessibility of ransomware but also heightened the psychological impact on its victims.”

Read More
Editorial Team
Banking Threats Finance News
0
16

Ransomware gangs target law and accountancy firms

In what is bad news for law and accounting firms, the professional and technical services sector has now overtaken the manufacturing sector as the prime target for ransomware attacks of Q3 2024.

According to cybersecurity company Nuspire: “These firms handle highly sensitive client data, such as financial records, legal documents, and business strategies, making them prime targets for ransomware operators.”

Nuspire predicts that, with ransom demands averaging around $2.5 million a hit for law firms, ransomware operators will continue to target this sector as long as the potential rewards outweigh the effort. The situation is particularly dire for smaller practices, which may lack the resources to protect against today’s increasingly ruthless and sophisticated cyber-attacks.

Read More
Editorial Team
Cyber Espionage cybercrime News
0
14

Cybercriminals pose as law enforcement agencies

The US Federal Bureau of Investigation (FBI) has issued an urgent warning to business and law enforcement agencies that cybercriminals are using genuine stolen US and foreign government email addresses to hack into companies.

As of August this year, the FBI has observed an increase in posts on criminal forums relating to fraudulent emergency data requests. In August 2024, a cyber-criminal known to the FBI offered for sale, “High Quality .gov emails for espionage/social engineering/data extortion requests, etc”, that included official US credentials. The cyber-criminals also offered to guide buyers through emergency data requests and to sell real stolen subpoena documents to allow the buyer(s) to pose as law enforcement officers.

Read More
Editorial Team
Arrest Cyber Espionage News
0
12

Ex-IT worker arrested for ransomware attack

The US New Jersey District Court has arrested a man accused of conducting a ransomware attack on a former employer, highlighting the growing “insider threat” organizations increasingly face from disgruntled or former employees.

It is alleged that Daniel Rhyne, 57, described in court documents as “a core infrastructure engineer,” is alleged to have conducted a $750, 000 ransomware attack on a New Jersey-based industrial company. The as-yet-unidentified organization provides services to various industries, including aquaculture, biopharmaceuticals, chemistry, electronics, food and beverage, healthcare, hydrogen mobility, manufacturing and industrial processing, metals, oil and gas, and pulp and paper companies.

Read More
John Wilkes
News ransomware Russia
0
10

It’s official…It definitely IS the Russians

The US Federal Bureau of Investigation (FBI) has laid the blame for escalating worldwide ransomware attacks squarely at Russia’s door.

Speaking at the 2024 Boston Conference on Cyber Security last week, FBI Cyber Division Assistant Director Bryan Vorndran said: “Almost all of the criminals developing sophisticated malware to enable ransomware attacks are based in Russian-speaking countries and operate as organized crime syndicates, similar to traditional organized crime elements.”

He focused on the FBI’s earlier this year disruption of Dark Web ransomware gang LockBit, stressing that organized cybercriminal gangs, particularly Russian ones, are essentially the same as old-school mafia mobsters. They differ only in their methods and avenues of attack.

Read More
Tony Glover
Analysis cybercrime
0
19

FBI takes down BreachForums -again!

The US Federal Bureau of Investigation (FBI) is investigating the criminal hacking forum BreachForums after taking down its website last week. This follows the announcement in February of the seizure of the LockBit ransomware gang’s extortion website.

“From June 2023 until May 2024, BreachForums (hosted at breachforums.st/.cx/.is/.vc and run by ShinyHunters) was operating as a clear-net marketplace for cybercriminals to buy, sell, and trade contraband, including stolen access devices, means of identification, hacking tools, breached databases, and other illegal services,” says an FBI advisory.

Read More
Editorial Team
AI cybercrime News
0
20

Cybercrime continues to cold-shoulder AI

Organized cybercriminals continue to give artificial intelligence (AI) the cold shoulder. New research from US telecoms conglomerate Verizon confirms a report in November from cybersecurity firm Sophos revealing that cybercriminals judged AI to be “overrated, overhyped and redundant.”

According to Verizon’s 2024 Data Breach Investigations Report: “We did keep an eye out for any indications of the use of the emerging field of generative artificial intelligence (GenAI) in attacks and the potential effects of those technologies, but nothing materialized in the incident data we collected globally…The number of mentions of GenAI terms alongside traditional attack types and vectors such as “phishing,” “malware,” “vulnerability,” and “ransomware” was shockingly low, barely breaching 100 cumulative mentions over the past two years.”

Read More
Editorial Team
cybercrime News ransomware
0
22

Ransomware drives corporate cyber-crime

Cybercriminals are getting greedier. According to Google subsidiary Mandiant’s M-Trends 2024 Special Report, the proportion of financially motivated intrusions grew from more than a quarter of all investigations (26 percent) in 2022 to over a third (36 percent) in 2023.

Ransomware-related intrusions represented almost two-thirds of financially motivated intrusions and 23 percent of all 2023 intrusions; the remaining financially motivated intrusions included business email compromise (BEC) fraud and cryptocurrency theft. In 70 percent of cases, organizations learned of ransomware-related intrusions from external sources. In three-quarters of those cases, organizations were notified of a ransomware incident by an attacker ransom message. The remaining quarter came from external partners, such as law enforcement or cybersecurity companies.

“This is consistent with the extortion business model in which attackers intentionally and abruptly notify organizations of a ransomware intrusion and demand payment,” says Mandiant.

Read More
Tony Glover
Healthcare News
0
11

Cyber gangs hold healthcare ransom

Cybercriminal groups have now completely abandoned any pretense that theirs are basically victimless crimes by attacking the healthcare sector with increasing ruthlessness. Healthcare, once said to be off limits to ‘responsible’ cyber criminals, is now the subject of an urgent warning from the Cybersecurity Coordination Center (HC3) of the US Department of Health and Human Services. 

 “HC3 has recently observed threat actors employing advanced social engineering tactics to target IT help desks in the health sector and gain initial access to target organizations,” the warning states. 

Tactics include contacting an organization’s IT help desk with phone calls from a familiar area code and claiming to be an employee in a financial role.

Read More
admin
News One Minute Roundup
0
6

27,000 Private Data Stolen from Stanford Ransomware Attack – March 12th

Stanford University announced that the personal information of 27,000 individuals was stolen as a result of a September 2023 ransomware attack.

The University also disclosed that only one system was breached, namely the “Department of Public Safety” network. The data included biometric data, dates of birth, social security numbers, government IDs, passport numbers, and driver’s license numbers.

Read More
Editorial Team
cybercrime Healthcare News
0
11

Plastic surgeons and patients targeted in extortion rackets

The Federal Bureau of Investigation (FBI) warns that cybercriminals and online blackmailers are targeting plastic surgeons to harvest electronically protected health information (ePHI) on their patients. Personal ePHI includes sensitive information and photographs, enabling the cybercriminals to extort money from the patients themselves as well as from plastic surgery practices, something that could prove lucrative to blackmailers targeting wealthy celebrities who are in the public eye.

Read More
John Wilkes
News One Minute Roundup
0
10

Lazarus equips two new remote access trojan weapons – September 22nd

The Lazarus group is using two new remote access trojans to target health systems’ ManageEngine vulnerabilities.

The group recently made headlines after targeting healthcare entities in Europe and the US and has since evolved its malware to exploit the CVE-2022047966 vulnerability in the ManageEngine setup, allowing for remote code execution.

Its new RAT variants, QuiteRAT and CollectionRAT, allow for the attacker to run arbitrary commands, among other capabilities.

Read More