Ransomware groups like Black Basta and FunkSec are increasingly using AI to enhance their extortion tactics, resulting in significant financial losses, such as $724 million stolen using TrickBot malware. The report highlights the growing prevalence of extortion methods, including DDoS attacks, and offers insights into regional trends and mitigation strategies.

PowerSchool has reported that the hacker behind a December cyberattack is now extorting individual school districts, threatening to release stolen student and teacher data unless a ransom is paid. Despite previously paying a ransom to prevent such an incident, PowerSchool acknowledges that the threat actor has not kept their promise to delete the data, leading to renewed extortion attempts against affected schools.

Clop ransomware group is targeting Oracle customers with extortion emails, demanding payments in exchange for not releasing stolen data. These emails are part of a broader trend of ransomware attacks aimed at various organizations, highlighting the ongoing threat of cyber extortion in the corporate sector.

A 45-year-old individual has been arrested in Moldova for alleged involvement in DoppelPaymer ransomware attacks, extortion, and money laundering targeting organizations in the Netherlands. This arrest follows a coordinated operation involving multiple law enforcement agencies in February 2023 that identified several members of the ransomware group.

Ransomware is evolving with the integration of GenAI and LLMs, leading to more sophisticated attacks such as AI-driven phishing and quadruple extortion. Experts discuss how groups like CL0P and FunkSec utilize AI to enhance their operations and pressure victims, while emphasizing the need for defenders to implement AI-aware security measures across various platforms. Strategies for securing identities and leveraging API visibility against emerging threats are also highlighted.