Ransomware Activity - BlackCat ransomware group 可能更名为 Embargo [1] - Embargo group 自 2024 年以来已窃取 3400 万美元 [1]

Ransomware Activity - Embargo ransomware group traced to $34 million in crypto payments [1]

Security Alert - SonicWall urges customers to disable SSLVPN due to reports of ransomware attacks [1] Vulnerability Mitigation - The recommendation to disable SSLVPN suggests a critical vulnerability requiring immediate action [1]

Authorities seize BlackSuit ransomware gang's servers | TechCrunch https://t.co/jREsv2J30d ...

🇺🇸 LATEST: The US seeks to claim $2.4M in Bitcoin seized by the Dallas FBI from the Chaos ransomware group.The 20.2 $BTC could be added to America's proposed Strategic Bitcoin Reserve if forfeiture is successful. https://t.co/joO9PftxTL ...

Core Insights - The Akamai report highlights the emergence of a new quadruple extortion tactic in ransomware campaigns, alongside the continued prevalence of double extortion methods [1][2] - Quadruple extortion involves using distributed denial-of-service (DDoS) attacks and harassing third parties to increase pressure on victims, building on the existing double extortion strategy [2][3] - The report emphasizes that ransomware threats have evolved beyond mere data encryption, now incorporating stolen data, public exposure, and service outages to create significant business crises for organizations [3] Industry Trends - The report discusses the current state of legal and regulatory frameworks affecting organizational responses to ransomware, noting that while existing laws apply, specific regulations aim to discourage ransom payments [3] - Akamai stresses the importance of robust cybersecurity measures, incident reporting, and risk management strategies, such as Zero Trust and microsegmentation, to enhance resilience against ransomware threats [3] Emerging Threats - The report identifies that generative AI and large language models (LLMs) are facilitating the rise in frequency and scale of ransomware attacks, enabling less technically skilled individuals to launch sophisticated campaigns [6] - Hacktivist groups are increasingly utilizing ransomware as a service (RaaS) platforms, with a shift in focus from major corporations to smaller organizations with weaker security [6] - Cryptomining attacks are also on the rise, with nearly half targeting nonprofit and educational organizations due to their limited resources [6] - The TrickBot malware family has extorted over US$724 million in cryptocurrency from victims since 2016, indicating the ongoing threat posed by established malware families [6]

The Department of Justice is trying to take ownership of $2.3 million worth Bitcoin seized from a member of Chaos, a newly identified ransomware group. https://t.co/XwhtaCHHuc ...

Legal & Security - DOJ seeks forfeiture of Bitcoin tied to 'Chaos' Ransomware Group [1]

Core Viewpoint - Clorox has filed a lawsuit against Cognizant, alleging negligence in handling a cyberattack that resulted in significant financial damages due to a breach by the hacking group Scattered Spider in August 2023 [1][2][4]. Group 1: Cyberattack Details - The cyberattack was executed by Scattered Spider, which is known for tricking IT help desks into providing access credentials [1][6]. - Clorox claims that the hacker gained access by simply requesting passwords from Cognizant's support staff without any sophisticated techniques [2][3]. - The lawsuit includes transcripts of conversations where Cognizant staff reset passwords without verifying the hacker's identity [4]. Group 2: Financial Impact - The total damages from the cyberattack are estimated at $380 million, with approximately $50 million attributed to remedial costs and the remainder due to Clorox's inability to ship products to retailers [4]. - Clorox's operational recovery was further complicated by Cognizant's failures, such as not deactivating certain accounts and improperly restoring data [5].

Cybersecurity & Government Policy - UK government encourages ransomware victims to report cyberattacks to disrupt hackers [1] Cyberattack Trends - The report focuses on ransomware attacks, a significant cybersecurity threat [1]