"executives at numerous organizations claiming to have stolen sensitive data from their Oracle E-Business Suite."
"We are currently observing a high-volume email campaign being launched from hundreds of compromised accounts and our initial analysis confirms that at least one of these accounts has been previously associated with activity from FIN11, a long-running financially motivated threat group known for deploying ransomware and engaging in extortion,"
"The malicious emails contain contact information, and we've verified that the two specific contact addresses provided are also publicly listed on the Clop data leak site,"
"does not currently have sufficient evidence to definitively assess the veracity of these claims."
A large-volume extortion campaign targets executives and IT teams at major organizations with emails alleging theft of Oracle E-Business Suite data. The emails began arriving on or before 29 September and include evidence-like claims and contact details. Security firms have observed ransom demands ranging from seven- to eight-figure sums, including a reported $50 million demand. The campaign appears to originate from hundreds of compromised accounts and shows links to FIN11 and the Cl0p ecosystem, previously involved in high-profile supply-chain extortion. The asserted breaches and extortion claims remain unconfirmed and under investigation.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]