home.social

#ransom — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #ransom, aggregated by home.social.

  1. Ah, #Photobucket, the relic of the early internet, now demanding a #ransom of $5 to release your ancient #memes from digital purgatory. 😱💸 Apparently, in this age of trillion-dollar tech giants, every pixel still counts when lining the pockets of your favorite storage has-been. 🤡📸
    lutr.dev/want-your-images-back #DigitalPurgatory #InternetHistory #TechGiants #HackerNews #ngated

  2. Ah, #Photobucket, the relic of the early internet, now demanding a #ransom of $5 to release your ancient #memes from digital purgatory. 😱💸 Apparently, in this age of trillion-dollar tech giants, every pixel still counts when lining the pockets of your favorite storage has-been. 🤡📸
    lutr.dev/want-your-images-back #DigitalPurgatory #InternetHistory #TechGiants #HackerNews #ngated

  3. Who Runs the #Ransomware Group ‘The Gentlemen?’

    A #cybercrime group known as #TheGentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of #hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any #ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.
    #privacy #security

    krebsonsecurity.com/2026/06/wh

  4. Who Runs the #Ransomware Group ‘The Gentlemen?’

    A #cybercrime group known as #TheGentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of #hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any #ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.
    #privacy #security

    krebsonsecurity.com/2026/06/wh

  5. Via #LLRX - @psuPete Recommends Weekly highlights on #cybersecurity issues, 5/29/26 - Five highlights: Peter G. Neumann, Who Warned of #Computer #Security #Risks beginning in 2010, Dies at 93; #California Sues Owner of Former #23andMe; Troops’ #phones #leaked location data to #foreign adversaries; #FBI Warns Companies About #Ransom Gang’s Fake #IT Support Tactics; #Crypto Security Pioneer: ‘I Now Consider All of #Decentralized #Finance Unsafe’. llrx.com/2026/05/pete-recommen #cybercrime #privacy

  6. Via #LLRX - @psuPete Recommends Weekly highlights on #cybersecurity issues, 5/29/26 - Five highlights: Peter G. Neumann, Who Warned of #Computer #Security #Risks beginning in 2010, Dies at 93; #California Sues Owner of Former #23andMe; Troops’ #phones #leaked location data to #foreign adversaries; #FBI Warns Companies About #Ransom Gang’s Fake #IT Support Tactics; #Crypto Security Pioneer: ‘I Now Consider All of #Decentralized #Finance Unsafe’. llrx.com/2026/05/pete-recommen #cybercrime #privacy

  7. Ransomware: математический аппарат на службе зла

    Привет, Хабр! Я Илья Борисов, старший специалист отдела экспертизы MaxPatrol EDR антивирусной лаборатории Positive Technologies. В 2025 году команда аналитиков антивирусной лаборатории PT ESC провела исследование актуальных семейств ransomware (aka шифровальщиков), чтобы повысить эффективность их обнаружения нашим продуктом. Этот вид ВПО оказался одной из наиболее значимых и заметных разновидностей вредоносов, используемых в атаках в 2025 году. Мы проанализировали образцы, замеченные в период с конца 2024 года по конец 2025-го. Были разобраны как давно известные семейства шифровальщиков, такие как Black Basta, MedusaLocker и LockBit, и относительно недавно появившиеся Lynx, HellCat и BERT. В этой статье хочу поделиться результатами этого исследования. Для начала расскажу про типы шифровальщиков, на кого они нацелены, как работают, подсвечу технические детали, а также ретроспективно прослежу некоторые тенденции в эволюции ransomware.

    habr.com/ru/companies/pt/artic

    #ransomware #шифровальщики #вредоносное_по #lockbit #blackbasta #ransom #вымогательство #выкуп #кибератаки

  8. 𝐒𝐢𝐧𝐜𝐞 𝐖𝐡𝐞𝐧 𝐃𝐢𝐝 𝐀𝐬𝐤𝐢𝐧𝐠 𝐟𝐨𝐫 𝐄𝐯𝐢𝐝𝐞𝐧𝐜𝐞 𝐁𝐞𝐜𝐨𝐦𝐞 “𝐃𝐞𝐟𝐞𝐧𝐝𝐢𝐧𝐠 𝐂𝐫𝐢𝐦𝐢𝐧𝐚𝐥𝐬”?

    Dissent responded harshly to these accusations, firmly rejecting any insinuation of collusion with criminal groups. The journalist pointed out that every time she asks for evidence to support certain claims, she is labeled “criminal-friendly” or accused of being a mouthpiece for cybercriminals, simply for refusing to uncritically accept statements lacking public verification.

    suspectfile.com/since-when-did

    #Canvas #Data_Breach #Instructure #Navigate360 #Ransom #ShinyHunters

  9. 𝐒𝐢𝐧𝐜𝐞 𝐖𝐡𝐞𝐧 𝐃𝐢𝐝 𝐀𝐬𝐤𝐢𝐧𝐠 𝐟𝐨𝐫 𝐄𝐯𝐢𝐝𝐞𝐧𝐜𝐞 𝐁𝐞𝐜𝐨𝐦𝐞 “𝐃𝐞𝐟𝐞𝐧𝐝𝐢𝐧𝐠 𝐂𝐫𝐢𝐦𝐢𝐧𝐚𝐥𝐬”?

    Dissent responded harshly to these accusations, firmly rejecting any insinuation of collusion with criminal groups. The journalist pointed out that every time she asks for evidence to support certain claims, she is labeled “criminal-friendly” or accused of being a mouthpiece for cybercriminals, simply for refusing to uncritically accept statements lacking public verification.

    suspectfile.com/since-when-did

    #Canvas #Data_Breach #Instructure #Navigate360 #Ransom #ShinyHunters

  10. NEW by me:

    Another detail emerges about Instructure's agreement with ShinyHunters; Debate continues about whether to pay:

    databreaches.net/2026/05/16/an

    Cybersecurity experts make claims about ShinyHunters to journalists, but where is the evidence to support their claims? Journalists shouldn't just quote experts -- ask them the basis for their claims. How much evidence do they actually have to support their assertions?

    #hackandleak #databreach #Instructure #ShinyHunters #ransom #journalism

    @amvinfe @masek @euroinfosec

  11. NEW by me:

    Another detail emerges about Instructure's agreement with ShinyHunters; Debate continues about whether to pay:

    databreaches.net/2026/05/16/an

    Cybersecurity experts make claims about ShinyHunters to journalists, but where is the evidence to support their claims? Journalists shouldn't just quote experts -- ask them the basis for their claims. How much evidence do they actually have to support their assertions?

    #hackandleak #databreach #Instructure #ShinyHunters #ransom #journalism

    @amvinfe @masek @euroinfosec

  12. 𝐑𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞, 𝐓𝐫𝐚𝐧𝐬𝐩𝐚𝐫𝐞𝐧𝐜𝐲, 𝐚𝐧𝐝 𝐈𝐧𝐯𝐢𝐬𝐢𝐛𝐥𝐞 𝐕𝐢𝐜𝐭𝐢𝐦𝐬: 𝐃𝐢𝐬𝐬𝐞𝐧𝐭 𝐑𝐞𝐬𝐩𝐨𝐧𝐝𝐬 𝐭𝐨 𝐭𝐡𝐞 𝐈𝐧𝐬𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞 𝐂𝐚𝐬𝐞

    A recent article published by DataBreaches.net by journalist Dissent addresses one of the most controversial issues in modern cybersecurity: the payment of ransoms following a cyberattack and the consequences such decisions can have not only on the companies involved, but also on the individuals whose data has been compromised.

    suspectfile.com/ransomware-tra

    #Canvas #Data_Breach #Instructure #Navigate360 #Ransom #Ransomware #ShinyHunters

  13. 𝐑𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞, 𝐓𝐫𝐚𝐧𝐬𝐩𝐚𝐫𝐞𝐧𝐜𝐲, 𝐚𝐧𝐝 𝐈𝐧𝐯𝐢𝐬𝐢𝐛𝐥𝐞 𝐕𝐢𝐜𝐭𝐢𝐦𝐬: 𝐃𝐢𝐬𝐬𝐞𝐧𝐭 𝐑𝐞𝐬𝐩𝐨𝐧𝐝𝐬 𝐭𝐨 𝐭𝐡𝐞 𝐈𝐧𝐬𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞 𝐂𝐚𝐬𝐞

    A recent article published by DataBreaches.net by journalist Dissent addresses one of the most controversial issues in modern cybersecurity: the payment of ransoms following a cyberattack and the consequences such decisions can have not only on the companies involved, but also on the individuals whose data has been compromised.

    suspectfile.com/ransomware-tra

    #Canvas #Data_Breach #Instructure #Navigate360 #Ransom #Ransomware #ShinyHunters

  14. "Agreement:" reached in ShinyHunter's breach of Infrastructure's Canvas LMS .... the cybercrime gang returned the stolen data (which includes usernames, email addresses, course names, enrollment information, and messages) and provided shred logs confirming its destruction.

    While not confirmed, it looks like a ransom payment was made. A webinar on May 13 may provide more details. instructure.com/incident_update #Breach #Hackers #ShinyHunters #Infrastructure #CanvasLMS #LMS #StudentData #DataPrivacy #Ransom #RansomWare #CyberCrime

  15. "Agreement:" reached in ShinyHunter's breach of Infrastructure's Canvas LMS .... the cybercrime gang returned the stolen data (which includes usernames, email addresses, course names, enrollment information, and messages) and provided shred logs confirming its destruction.

    While not confirmed, it looks like a ransom payment was made. A webinar on May 13 may provide more details. instructure.com/incident_update

  16. #Canvas #Breach Disrupts #Schools & #Colleges Nationwide

    An ongoing data #extortion #attack targeting the widely-used #education technology platform Canvas disrupted classes and #coursework at #school districts and #universities across the United States today, after a #cybercrime group defaced the service’s login page with a #ransom demand that threatened to #leak data from 275 million #students & faculty across nearly 9,000 educational institutions.
    #privacy #security

    krebsonsecurity.com/2026/05/ca

  17. #Canvas #Breach Disrupts #Schools & #Colleges Nationwide

    An ongoing data #extortion #attack targeting the widely-used #education technology platform Canvas disrupted classes and #coursework at #school districts and #universities across the United States today, after a #cybercrime group defaced the service’s login page with a #ransom demand that threatened to #leak data from 275 million #students & faculty across nearly 9,000 educational institutions.
    #privacy #security

    krebsonsecurity.com/2026/05/ca

  18. #ransom : the release of a captive, or of captured property, by payment of a consideration

    - French: rançon

    - German: das Lösegeld

    - Italian: riscatto

    - Portuguese: resgate

    - Spanish: rescate

    ------------

    Try Christian's word chain building game @ wordwallgame.com

  19. #ransom : the release of a captive, or of captured property, by payment of a consideration

    - French: rançon

    - German: das Lösegeld

    - Italian: riscatto

    - Portuguese: resgate

    - Spanish: rescate

    ------------

    Try Christian's word chain building game @ wordwallgame.com

  20. NEW: A Silent Threat, Loud Consequences: Ransom Group Hits Law Firms Hard

    #SilentRansomGroup has leaked data from 38 law firms so far -- and they tell me most law firms do pay them. That means.... (counting on fingers and toes...) they've hit a heckuva lot of law firms.

    And I'm beginning to get a feel for how their negotiations go when they fail.

    Read about their attack on Wood Smith Henning & Berman at:

    databreaches.net/2026/04/13/a-

    #hackandleak #ransom #cybersec #infosec #databreach

  21. NEW: A Silent Threat, Loud Consequences: Ransom Group Hits Law Firms Hard

    #SilentRansomGroup has leaked data from 38 law firms so far -- and they tell me most law firms do pay them. That means.... (counting on fingers and toes...) they've hit a heckuva lot of law firms.

    And I'm beginning to get a feel for how their negotiations go when they fail.

    Read about their attack on Wood Smith Henning & Berman at:

    databreaches.net/2026/04/13/a-

    #hackandleak #ransom #cybersec #infosec #databreach

  22. When people keep advising victims not to pay ransom because threat actors can't be trusted to really delete all the data, my inner researcher kicks in and wants to know how often that really happens.

    So I started sending out inquiries.

    Now you might think that those who publicly and repeatedly urge journalists to "spread the word" not to pay would respond and share some of their experiences with untrustworthy threat actors, but no..... they didn't even respond.

    Read about the replies I did get, because they really surprised me.

    I have no doubt that some professionals will hate what I have reported, but then, perhaps they should have responded, too, if they think differently.

    How often do threat actors default on promises to delete data?
    databreaches.net/2026/04/05/ho

    #databreach #incidentresponse #ransom

    @zackwhittaker @campuscodi @euroinfosec @lawrenceabrams @jgreig @securityaffairs @Hackread @h4ckernews

  23. When people keep advising victims not to pay ransom because threat actors can't be trusted to really delete all the data, my inner researcher kicks in and wants to know how often that really happens.

    So I started sending out inquiries.

    Now you might think that those who publicly and repeatedly urge journalists to "spread the word" not to pay would respond and share some of their experiences with untrustworthy threat actors, but no..... they didn't even respond.

    Read about the replies I did get, because they really surprised me.

    I have no doubt that some professionals will hate what I have reported, but then, perhaps they should have responded, too, if they think differently.

    How often do threat actors default on promises to delete data?
    databreaches.net/2026/04/05/ho

    #databreach #incidentresponse #ransom

    @zackwhittaker @campuscodi @euroinfosec @lawrenceabrams @jgreig @securityaffairs @Hackread @h4ckernews

  24. I am a big fan of BakerHostetler's annual data security incident response reports because they are based on actual client experiences and data.

    I just posted about their 2026 report, and commented on their healthcare sector data. As I had mentioned to @siguza, healthcare breaches tend to get higher ransom demands and higher settlements. Take a look at the 2025 data -- the highest initial ransom demand for a health entity client was $98M.

    I'd love to know who the victim was and what TA or group demanded that much.

    That said, the highest ransom actually paid for a healthcare sector breach by one of their clients last year was $5M.

    Big delta.

    My post: databreaches.net/2026/04/03/ba

    #ransomware #healthsec #incidentresponse #statistics #phishing #ransom #malware #databreach #cybersecurity

    @campuscodi @amvinfe

  25. I am a big fan of BakerHostetler's annual data security incident response reports because they are based on actual client experiences and data.

    I just posted about their 2026 report, and commented on their healthcare sector data. As I had mentioned to @siguza, healthcare breaches tend to get higher ransom demands and higher settlements. Take a look at the 2025 data -- the highest initial ransom demand for a health entity client was $98M.

    I'd love to know who the victim was and what TA or group demanded that much.

    That said, the highest ransom actually paid for a healthcare sector breach by one of their clients last year was $5M.

    Big delta.

    My post: databreaches.net/2026/04/03/ba

    #ransomware #healthsec #incidentresponse #statistics #phishing #ransom #malware #databreach #cybersecurity

    @campuscodi @amvinfe

  26. Cyber sleuths uncover nefarious techniques to take malware (dubbed Omnistealer) posted in GitHub and use social engineering techniques to get it embedded into blockchains where the malware may be stored forever and make it difficult to root out as the chains grow.

    "Hiding malicious payloads within blockchain has become an emerging obfuscation technique."

    Omnistealer is capable of stealing cryptocurrency, passwords and privileged credentials for accessing an organization's information. pcmag.com/news/malware-is-slee #CyberSecurity #Ransom-ISAC #Security #CyberAttack #Malware #BlockChain #GitHub #FakeJobs #FakeRecruiters #JobInterviews #OmniStealer #Cyber #SocialEngineering

  27. Cyber sleuths uncover nefarious techniques to take malware (dubbed Omnistealer) posted in GitHub and use social engineering techniques to get it embedded into blockchains where the malware may be stored forever and make it difficult to root out as the chains grow.

    "Hiding malicious payloads within blockchain has become an emerging obfuscation technique."

    Omnistealer is capable of stealing cryptocurrency, passwords and privileged credentials for accessing an organization's information. pcmag.com/news/malware-is-slee -ISAC

  28. Most of us have probably read that one reason not to pay threat actors is that they cannot be trusted to keep their word to delete data they have exfiltrated. But how often does that actually occur?

    I have sent inquiries to a number of incident response/negotiation firms and the DOJ. If I did not send one to your firm and your firm handles a lot of negotiations and payments, please accept my apologies for not having contacted you, and answer the following question (either publicly or via a private message to me):

    In what percentage of cases where payment was made to delete data, did threat actors break their word and not delete it?

    Please feel free to share this post with others here and elsewhere to boost my chances of getting additional responses/estimates. Thank you all.

    #incidentresponse #ransom #extortion #ransomware #databreach

  29. Most of us have probably read that one reason not to pay threat actors is that they cannot be trusted to keep their word to delete data they have exfiltrated. But how often does that actually occur?

    I have sent inquiries to a number of incident response/negotiation firms and the DOJ. If I did not send one to your firm and your firm handles a lot of negotiations and payments, please accept my apologies for not having contacted you, and answer the following question (either publicly or via a private message to me):

    In what percentage of cases where payment was made to delete data, did threat actors break their word and not delete it?

    Please feel free to share this post with others here and elsewhere to boost my chances of getting additional responses/estimates. Thank you all.

    #incidentresponse #ransom #extortion #ransomware #databreach