Negotiating With Terrorists: Trends in Ransomware Negotiations from Both sides of the Table
A comprehensive analysis of ransomware negotiation dynamics and what really works when you’re staring down the barrel of an extortion demand.

New research reveals ransomware gang negotiation tactics based on analysis of 200+ extortion transcripts. Learn how these criminals operate and what strategies actually work when facing down a demand. Essential insights for any security team:
substack.com/home/post/p-...
#ransomware #cybersecurity

06.03.2025 17:32 — 👍 0    🔁 0    💬 0    📌 0

Trump admin fires security board investigating Chinese hack of large ISPs
Dismantled Cyber Safety Review Board was investigating Salt Typhoon telecom hack.

The “tough on crime” party handed threat actors a big win. By dismantling the Cyber Safety Review Board mid-investigation into the Chinese telecom hack, the Trump admin is weakening US cybersecurity & aiding adversaries. A catastrophic decision for national security. arstechnica.com/tech-policy/...

23.01.2025 13:51 — 👍 4    🔁 1    💬 0    📌 0

Government Monitoring Those With "Negative" Views of Health Insurance Companies
New documents reveal flurry of intelligence activity following Luigi Mangione's arrest

Govt now monitoring “negative sentiment” toward health insurance execs online after UHC’s CEO murder.
Fusion centers flagging posts critical of corporate greed as “threats”—fueling fears of free speech suppression in the name of “security.”
#CyberSecurity
www.kenklippenstein.com/p/government...

19.01.2025 18:47 — 👍 3    🔁 1    💬 0    📌 0

Biden administration launches cybersecurity executive order
With this executive order, the Biden White House is looking to boost digital security in the U.S. for the government and the private sector.

Biden drops a sweeping cybersecurity EO 📜⚙️
Gov contractors must now prove secure dev practices & disclose updates. Will the next admin keep it?
#CyberSecurity #DataPrivacy #DigitalTrust #Biden
www.cnbc.com/2025/01/16/b...

16.01.2025 18:17 — 👍 0    🔁 1    💬 0    📌 1

Xiaohongshu, or “Red Note”, is now the most downloaded free app on the Apple App Store

TikTok ban incoming 🇺🇸➡️ Users flee… to a Chinese app?! 👀
“Red Note” (小红书) is now trending, as Americans say they’d rather hand data to Xi than trust Zuck, Elon, or the U.S. gov.
Irony’s dead, but the data privacy debate is alive 🔥 #CyberSecurity #TikTokBan #DataOwnership

13.01.2025 23:32 — 👍 0    🔁 1    💬 0    📌 0

USPS under fire: IG report reveals criminal groups recruiting postal workers to steal mail, checks, and credit cards. With $1M stolen in one case and faulty cameras at facilities, is the system failing us?
thehill.com/homenews/506...
#CyberCrime #USPS #MailTheft

06.01.2025 04:05 — 👍 1    🔁 0    💬 0    📌 0

That’s what we’re here for!

04.01.2025 06:40 — 👍 1    🔁 0    💬 1    📌 0

Recommendations on Naming Threat Actors
This document provides advice on the naming of threat actors (also known as malicious actors).
The objective is to provide practical advice for organizations such as security vendors or organizations ...

Struggling with inconsistent threat actor names? The IETF’s new draft proposes guidelines to standardize naming, reduce ambiguity, and enhance intelligence sharing. A must-read for #ThreatIntel pros.
#CyberSecurity #MISP #Hackers #ThreatGroups
www.misp-standard.org/rfc/threat-a...

04.01.2025 06:04 — 👍 3    🔁 1    💬 1    📌 0

Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Three patched Dynamics 365 and Power Apps vulnerabilities exposed sensitive data, highlighting risks of API flaws.

🚨 Severe vulnerabilities in Microsoft Dynamics 365 and Power Apps Web API exposed sensitive data, including passwords and emails. These flaws, now patched, highlight the critical need for robust #CyberSecurity measures in APIs.
#DataSecurity #Microsoft
🔗 thehackernews.com/2025/01/seve...

02.01.2025 15:52 — 👍 1    🔁 0    💬 0    📌 1

LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
LockBit's developer charged for enabling global ransomware attacks netting $500M; U.S. leads extradition effort.

LockBit ransomware developer Rostislav Panev has been charged in the U.S. for creating tools behind BILLIONS in global damages 💻💰 Arrested in Israel, Panev allegedly developed malware to disable antivirus & exfiltrate data.
#CyberSecurity #Ransomware #LockBit
thehackernews.com/2024/12/lock...

21.12.2024 18:32 — 👍 1    🔁 0    💬 0    📌 1

Krispy Kreme breach, data theft claimed by Play ransomware gang
The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November.

The Play ransomware gang claims responsibility for a cyberattack on Krispy Kreme 🍩💻, disrupting online orders & allegedly stealing sensitive data. The gang threatens to leak the data soon.
#CyberSecurity #Ransomware #DataBreach #KrispyKreme
www.bleepingcomputer.com/news/securit...

20.12.2024 16:14 — 👍 0    🔁 0    💬 0    📌 0

BeyondTrust says hackers breached Remote Support SaaS instances
Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances.

Hackers breached BeyondTrust’s Remote Support SaaS instances, exploiting an API key to reset account passwords. Two critical vulnerabilities discovered; patches applied for cloud users. Investigations ongoing. 🔒💻
#CyberSecurity #DataBreach #BeyondTrust #PAM
www.bleepingcomputer.com/news/securit...

19.12.2024 17:29 — 👍 0    🔁 1    💬 0    📌 0

Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms
Iranian-linked IOCONTROL malware targets IoT, OT, and SCADA systems with advanced evasion tactics.

Iran-linked IOCONTROL malware is targeting SCADA & Linux-based IoT devices in the US and Israel, including fuel systems and IP cameras. Using MQTT for stealthy C2 comms, it can shut down critical services or steal data.
🔗 thehackernews.com/2024/12/iran...
#CyberSecurity #Iran #Israel #Malware #IoT

13.12.2024 15:43 — 👍 2    🔁 0    💬 0    📌 0

Photobucket opted inactive users into privacy nightmare, lawsuit says
Class action could foil Photobucket’s plan to turn old photos into AI goldmine.

Photobucket, once a nostalgic photo vault, now embroiled in controversy: a lawsuit alleges it auto-opted dormant users into terms allowing their biometric data—like face and iris scans—to be sold for AI training. Privacy breach or AI gold rush?
🔗 arstechnica.com/tech-policy/...
#Privacy #AIEthics

12.12.2024 02:35 — 👍 0    🔁 0    💬 0    📌 0

Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts
Microsoft’s MFA flaw, AuthQuake, let attackers bypass protections in 3 minutes. Fixed October 2024.

Microsoft’s “AuthQuake” MFA flaw allowed unlimited brute-force attempts without alerting users. Attackers could bypass MFA in just an hour. A fix is in place now, but a reminder: MFA is best when configured with rate limits and alerts.
🔗 thehackernews.com/2024/12/micr...
#CyberSecurity #MFA #Hack

11.12.2024 18:45 — 👍 3    🔁 0    💬 0    📌 0

Krispy Kreme cyberattack impacts online orders and operations
US doughnut chain Krispy Kreme suffered a cyberattack in November that impacted portions of its business operations, including placing online orders.

Krispy Kreme’s sweet digital sales hit a sour note after a cyberattack disrupted online ordering and operations. While doughnuts still flow in-store, this shows even yummy treats aren’t immune to breaches. 🍩💻
🔗 www.bleepingcomputer.com/news/securit...
#CyberSecurity #DataBreach #KrispyKreme #Donut

11.12.2024 18:43 — 👍 0    🔁 0    💬 0    📌 0

CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force
CERT-UA warns of Russian-linked phishing attacks exploiting a NATO alignment conference to target Ukraine's defense sector.

CERT-UA warns of Russian-linked phishing targeting Ukraine’s defense forces. Fake NATO conference invites hide malware, steal Signal, Telegram, and even military system credentials.
Stay vigilant, verify links, and secure your endpoints.
🔗 thehackernews.com/2024/12/cert...
#CyberSecurity #Ukraine

10.12.2024 14:41 — 👍 0    🔁 0    💬 0    📌 0

Chinese hackers use Visual Studio Code tunnels for remote access
Chinese hackers targeting large IT service providers in Southern Europe were seen abusing Visual Studio Code (VSCode) tunnels to maintain persistent access to compromised systems.

Chinese hackers are abusing VSCode tunnels to maintain stealthy remote access during attacks. Signed EXEs, Azure traffic, and legit tools make detection tough.
Monitor rogue VSCode launches & unexpected *.devtunnels.ms connections.
🔗 www.bleepingcomputer.com/news/securit...
#CyberSecurity #APT

10.12.2024 14:36 — 👍 1    🔁 0    💬 0    📌 1

Microsoft 365 outage takes down Office web apps, admin center
Microsoft is investigating a widespread and ongoing Microsoft 365 outage impacting Office web apps and the Microsoft 365 admin center.

Microsoft 365 is having another rough day:
Office web apps, Outlook, OneDrive, and more are down for some users. Microsoft blames token generation issues but promises a fix in ~2 hours.
🔗 www.bleepingcomputer.com/news/microso...
#Microsoft365 #Outage

10.12.2024 14:33 — 👍 0    🔁 0    💬 0    📌 0

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
Black Basta evolves ransomware attacks with email bombing, QR codes, and social engineering, targeting credentials and VPNs.

Black Basta ransomware steps up its game:
	•	Email bombing victims to overwhelm inboxes
	•	QR code phishing for credentials
	•	Social engineering via fake IT support on Teams
Hybrid attacks blend tech & tricks—stay alert and verify!
🔗 thehackernews.com/2024/12/blac...
#CyberSecurity #Ransomware

09.12.2024 20:02 — 👍 1    🔁 0    💬 0    📌 0

Cybercrime gang arrested after turning Airbnbs into fraud centers
Eight members of an international cybercrime network that stole millions of Euros from victims and set up Airbnb fraud centers were arrested in Belgium and the Netherlands.

Cybercrime gang turned Airbnbs into fraud hubs!
Arrested in EU, they posed as bank staff and flaunted stolen wealth online. Victims left broke and traumatized. Reminder: Never trust unsolicited bank messages—verify through official channels.
🔗 www.bleepingcomputer.com/news/securit...
#CyberSecurity

09.12.2024 19:59 — 👍 2    🔁 1    💬 0    📌 1

🚨🔥 2024: The Year of Cyber Chaos! 🔥🚨
Salt Typhoon hacks telecoms, Europol breached, CrowdStrike outage hits 8.5M devices, Apple & AMD leaks, TfL cyberattack… the list goes on! 
What was YOUR biggest #CyberSecurity event of the year? 🌍💻 
Drop your takes below! 🛡️👇 #Infosec #Hackers #News #Events

09.12.2024 14:53 — 👍 2    🔁 0    💬 0    📌 0

Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI
DeepSeek flaw enabled XSS attacks, allowing hackers to hijack accounts via prompt injection.

Prompt injection strikes again! Researchers reveal exploits in DeepSeek and Claude, enabling account takeovers, malicious commands, and terminal hijacks. GenAI’s attack surface keeps expanding—secure your integrations or brace for “ZombAIs.”
🔗 thehackernews.com/2024/12/rese...
#CyberSecurity #AI

09.12.2024 14:10 — 👍 2    🔁 1    💬 0    📌 0

Report: Tokyo University Used "Tiananmen Square" Keyword to Block Chinese Admissions - Unseen Japan
The student-led paper for Tokyo University says a graduate program used an HTML trick to prevent mainland Chinese students from applying.

Tokyo University allegedly blocked Chinese grad applicants by embedding the keyword “Tiananmen Square” in their admissions page, exploiting China’s censorship. A shocking misuse of tech to enforce discrimination.
🔗 unseen-japan.com/tokyo-univer...
#TechEthics #Discrimination #AcademicIntegrity

09.12.2024 14:08 — 👍 0    🔁 0    💬 0    📌 0