#alphv — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #alphv, aggregated by home.social.
-
📢⚠️ Two US cybersecurity experts have been jailed for aiding the BlackCat ransomware group, extorting victims worldwide, and exploiting insider access for profit.
Read: https://hackread.com/us-cybersecurity-experts-jail-alphv-blackcat-ransomware/
#CyberSecurity #CyberCrime #ALPHV #BlackCat #Ransomware #InsiderThreat
-
US Sentences Two Cybersecurity Pros for BlackCat Ransomware Role
Two cybersecurity experts turned to a life of crime, using their specialized knowledge to extort victims through BlackCat ransomware attacks, and have been sentenced to four years in prison for their roles. Ryan Goldberg and Kevin Martin deployed the ransomware against multiple US victims between April and December 2023.
#BlackcatRansomware #Alphv #RansomwareOperations #NationState #EmergingThreats
-
Ransomware Negotiators Sentenced for BlackCat Attacks
Two former cybersecurity experts, who once worked to protect companies, were sentenced to four years in prison for using their skills to extort US businesses as affiliates of the notorious BlackCat ransomware gang. They exploited their specialized knowledge to orchestrate attacks on US companies, leaving a trail of devastation in their wake.
#Ransomware #Blackcat #Alphv #RansomwareNegotiators #UnitedStates
-
Former Ransomware Negotiator Pleads Guilty to BlackCat Attacks
A former expert who was paid to negotiate with cybercriminals has taken a shocking turn, pleading guilty to participating in high-profile BlackCat ransomware attacks on US companies. Angelo Martino, a 41-year-old ex-incident responder, admitted to his role in the 2023 attacks.
#Blackcat #Ransomware #Alphv #FormerRansomwareNegotiator #UnitedStates
-
🎯 Threat Intelligence
===================
Executive summary: Recent reporting attributes an SEO poisoning campaign to the BlackCat/ALPHV threat actor, describing manipulation of search results for popular software to steer victims to malicious download pages. The source links the activity to a coordinated effort to replace legitimate installers or mirrors with attacker-controlled payloads. The article does not publish sample IoCs, hashes, or C2 addresses.
Technical details:
• Reported technique: SEO poisoning (search-result manipulation) to surface malicious pages for popular software keywords.
• Delivery vector described: attacker-controlled download pages or mirrors that host malicious installers or archived payloads instead of legitimate binaries.
• Payloads: the source indicates distribution of malware via these fake downloads, but does not enumerate specific families, hashes, or signatures in the published material.
🔹 Attack Chain Analysis
• Initial Access (Search poisoning): Malicious pages are promoted or optimized to appear in search results for targeted software queries.
• Delivery (Malicious download pages): Victim navigates to a malicious page presented as a legitimate download source.
• Execution (User installs): Victim executes the downloaded installer or archive, triggering payload execution.
• Post-execution (Payload activity): Article reports general payload delivery but does not detail post-execution TTPs or ransom/logical behavior tied to BlackCat.
Analysis:
The reporting highlights the operational focus on search-engine manipulation rather than email or exploit-based vectors. This approach targets users seeking popular software and relies on social engineering and deceptive hosting. Attribution to BlackCat/ALPHV is asserted by the source; supporting telemetry or forensic artifacts were not published alongside the write-up.
Detection:
The source did not provide concrete detection signatures or sample IoCs. Observables to monitor (reported conceptually) include unusual download hosts surfaced for common software keywords, discrepancies between file checksums and vendor-published hashes, and new domains mimicking legitimate distribution sites. The article stops short of publishing detection rules.
Mitigation and limitations:
The published material does not include vendor patches, CVEs, or defensive playbooks. The report emphasizes the attack vector (SEO poisoning) and documents BlackCat attribution but lacks technical artifacts for signature-based detection. This limits immediate operational response based on the article alone.
References:
The source article is the primary reference cited by this summary. No CVE identifiers, IoCs, or sample hashes were released with that report.
🔹 BlackCat #ALPHV #SEOpoisoning #malvertising #malware
🔗 Source: https://thehackernews.com/2026/01/black-cat-behind-seo-poisoning-malware.html
-
Can you trust your cybersecurity team? 2 American cybersecurity experts have pleaded guilty to running an extortion scheme for #ALPHV ransomware after targeting multiple US businesses in 2023.
Read: https://hackread.com/us-cybersecurity-experts-extortion-alphv-ransomware/
-
🎯 Threat Intelligence
===================
Executive summary: The KrebsOnSecurity piece documents that the operator and public face of Scattered LAPSUS$ Hunters (SLSH), known as "Rey," has confirmed his real‑world identity after the reporter contacted his father. The article links SLSH activity to a May 2025 voice‑phishing campaign that induced victims to authorize a malicious application in Salesforce, and it details the group's expansion into an in‑house ransomware offering called ShinySp1d3r alongside ongoing insider recruitment.
Technical details:
• The actor set is described as an amalgam of Scattered Spider, LAPSUS$, and ShinyHunters operating across Telegram and Discord communities.
• Observed TTPs include voice phishing (vishing) social engineering to convince targets to connect a third‑party malicious app to corporate Salesforce instances, followed by data exfiltration and public extortion via a leak site.
• Historic tooling reuse includes encryptors from ALPHV/BlackCat, Qilin, RansomHub, and DragonForce; SLSH announced a proprietary RaaS named ShinySp1d3r.
• Publicly named alleged victims include Toyota, FedEx, Disney/Hulu, and UPS; reporting references a data leak portal threatening disclosure for roughly three dozen companies.
Attack Chain Analysis:
• Initial Access / Social Engineering: Voice phishing to employees or contractors to induce OAuth/third‑party app consent to Salesforce.
• Persistence / Access Expansion: Use of insider credentials or privileged API access obtained via the malicious app.
• Exfiltration: Extraction of Salesforce data and publication threats on a data leak site.
• Monetization: Ransom/extortion demands and recruiting of insiders for percentage payouts; parallel use of ransomware encryptors and a new RaaS offering.
Impact and contextual notes:
The article emphasizes operational scale (dozens of corporate targets) and evolution from affiliate use of existing ransomware to offering a proprietary RaaS. It also reports recruitment activity explicitly targeting insiders and a related personnel action at CrowdStrike involving alleged screenshot sharing (CrowdStrike stated no system compromise and referred the matter to law enforcement).
Detection / Mitigation (as reported):
The article does not publish specific detection rules or defensive playbooks; it focuses on observed operations, actor attribution, and public‑facing infrastructure and announcements.
Limitations / Open questions:
• The report does not disclose technical IoCs such as domains, hashes, or C2 indicators tied to the May 2025 campaign.
• Attribution to individuals beyond reported operational security lapses is based on the journalist’s outreach and corroboration; the article documents identity confirmation steps rather than law‑enforcement verdicts.
🔹 SLSH #ShinySp1d3r #Salesforce #ALPHV #BreachForums
🔗 Source: https://krebsonsecurity.com/2025/11/meet-rey-the-admin-of-scattered-lapsus-hunters/
-
What a wild story. A flawless plan: first I infect you with BlackCat, and then I sell you my services to negotiate the ransom.
-
U.S. Prosecutors Indict Cybersecurity Insiders in BlackCat Ransomware Attacks https://thecyberexpress.com/blackcat-ransomware-insiders-indicted/ #TheCyberExpressNews #blackcatransomware #TheCyberExpress #FirewallDaily #DarkWebNews #DigitalMint #Ransomware #CyberNews #ALPHV
-
🔎 Incident-response professionals charged in ransomware scheme
Three US #cybersecurity incident-response specialists stand accused of operating a covert ransomware operation alongside the gang #ALPHV BlackCat, exploiting their insider status to orchestrate attacks on multiple firms. #ransomNews
-
APTiran Allegedly Hits Israeli Critical Infrastructure with Ransomware https://dailydarkweb.net/aptiran-allegedly-hits-israeli-critical-infrastructure-with-ransomware/ #CriticalInfrastructure #CyberSecurity #CyberAttacks #databreach #ransomware #CyberWar #APTiran #LockBit #Israel #ALPHV #Iran
-
RansomHub: The New King of Ransomware? Targeted 600 Firms in 2024 – Source:hackread.com https://ciso2ciso.com/ransomhub-the-new-king-of-ransomware-targeted-600-firms-in-2024-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #CyberAttacks #CyberAttack #CyberCrime #Ransomware #RansomHub #Hackread #LockBit #ALPHV
-
RansomHub: The New King of Ransomware? Targeted 600 Firms in 2024 https://hackread.com/ransomhub-king-of-ransomware-600-firms-2024/ #Cybersecurity #CyberAttacks #CyberAttack #CyberCrime #Ransomware #RansomHub #LockBit #ALPHV
-
UnitedHealth Group’s Massive Data Breach Impacts 190 Million Americans https://hackread.com/unitedhealth-groups-data-breach-impacts-americans/ #Cybersecurity #CyberAttacks #UnitedHealth #HackingNews #CyberAttack #Healthcare #Ransomware #Security #BlackCat #ALPHV #USA
-
Sharp-eyed @zackwhittaker caught this one:
UnitedHealth hid its Change Healthcare data breach notice for months:
Let's make sure Zack's reporting gets indexed.
#UnitedHealth #ChangeHealthcare #notification #transparency #HIPAA #HITECH #databreach #ransomware #AlphV #BlackCat
-
The state of Nebraska has sued the healthtech giant "Change Healthcare" over a series of alleged security failings that resulted in a historical data breach exposing the sensitive health information of at least 100 million Americans.
In a complaint filed this week, Nebraska’s attorney general Mike Hilgers claims #UnitedHealth-owned Change Healthcare failed to implement proper security measures, leading to what he describes as a “historic” data breach in terms of impact and magnitude.
This comes after it was revealed in October that more than 100 million Americans had their sensitive medical data stolen during a February ransomware attack on Change Healthcare. This data included personal information such as addresses and phone numbers, health data including diagnoses, medications, treatment plans, and financial and banking data. Change Healthcare continues to notify affected individuals about the data breach, and the final number is expected to be higher than 100 million.
Hilgers said in his complaint that Change Healthcare’s “failures to implement basic security protections” exacerbated the extent of the cyberattack, which was attributed to the Russian-speaking #ALPHV #ransomware gang.
The complaint alleges that the healthtech giant had poorly segmented IT systems that allowed the hackers to travel freely between servers, and that Change Healthcare had failed to implement multi-factor authentication on its systems, which meant they could be accessed with just a username and password.
https://techcrunch.com/2024/12/18/nebraska-sues-change-healthcare-over-security-failings-that-led-to-medical-data-breach-of-over-100-million-americans/