Two U.S. cybersecurity professionals, Ryan Goldberg and Kevin Martin, admitted to their involvement in BlackCat ransomware attacks that extorted over $1.2 million from various companies in 2023. Despite their expertise in cybersecurity, they used their skills to conduct ransomware attacks, leading to federal charges that could result in lengthy prison sentences.

Three former employees from DigitalMint and Sygnia have been indicted for their roles in BlackCat ransomware attacks against five U.S. companies. They face serious charges, including extortion and computer damage, with potential prison sentences totaling up to 50 years. The group allegedly stole data, encrypted systems, and demanded ransoms ranging from $300,000 to $10 million.

Ransomware groups like Black Basta and FunkSec are increasingly using AI to enhance their extortion tactics, resulting in significant financial losses, such as $724 million stolen using TrickBot malware. The report highlights the growing prevalence of extortion methods, including DDoS attacks, and offers insights into regional trends and mitigation strategies.

PowerSchool has reported that the hacker behind a December cyberattack is now extorting individual school districts, threatening to release stolen student and teacher data unless a ransom is paid. Despite previously paying a ransom to prevent such an incident, PowerSchool acknowledges that the threat actor has not kept their promise to delete the data, leading to renewed extortion attempts against affected schools.

Clop ransomware group is targeting Oracle customers with extortion emails, demanding payments in exchange for not releasing stolen data. These emails are part of a broader trend of ransomware attacks aimed at various organizations, highlighting the ongoing threat of cyber extortion in the corporate sector.

A 45-year-old individual has been arrested in Moldova for alleged involvement in DoppelPaymer ransomware attacks, extortion, and money laundering targeting organizations in the Netherlands. This arrest follows a coordinated operation involving multiple law enforcement agencies in February 2023 that identified several members of the ransomware group.

Ransomware is evolving with the integration of GenAI and LLMs, leading to more sophisticated attacks such as AI-driven phishing and quadruple extortion. Experts discuss how groups like CL0P and FunkSec utilize AI to enhance their operations and pressure victims, while emphasizing the need for defenders to implement AI-aware security measures across various platforms. Strategies for securing identities and leveraging API visibility against emerging threats are also highlighted.