Tag

Extortion

3 briefs RSS

CrowdStrike 2026 Technology Threat Landscape Report: China's Ambitions Fuel Attacks

The CrowdStrike 2026 Technology Threat Landscape Report highlights the pervasive targeting of the technology sector by China-nexus and eCrime adversaries, employing tactics like password spraying, vulnerability exploitation, supply chain compromises (e.g., Axios npm package, GitHub repositories), and malware distribution (macOS info stealers via OpenClaw lures) to achieve intelligence collection, intellectual property theft, and financial extortion.

Axios npm package +1 intelligence-collection espionage supply-chain-compromise software-supply-chain extortion state-sponsored ecrime macos +1

2r 6t 2d ago

high threat

UNC6671 BlackFile Vishing Extortion Campaign Targeting Microsoft 365 and Okta

2 rules 8 TTPs 5 IOCs

UNC6671, operating under the "BlackFile" brand, conducts a sophisticated extortion campaign targeting organizations through voice phishing (vishing) and single sign-on (SSO) compromise, using adversary-in-the-middle (AiTM) techniques to bypass MFA and exfiltrate sensitive corporate data.

Microsoft 365 +5 UNC6671 vishing extortion aitm credential-theft data-exfiltration sso

2r 8t 5i May 15, 2026

high threat

Social Engineering Attacks Targeting Enterprise SaaS Environments

2 rules 4 TTPs 1 IOC

Financially motivated threat actors are using social engineering techniques like vishing and credential harvesting to compromise enterprise SaaS environments, leading to data exfiltration and extortion.

ShinyHunters social-engineering saas data-exfiltration extortion

2r 4t 1i May 1, 2026