Lmst

Protest held against extortion wave in Surrey as 3 foreign nationals charged
A small group of protesters called for more public safety action amid a wave of extortion-related violence in Surrey, B.C., on Monday. It was the same day police announced three foreign nationals were charged after an extortion-related shooting the previous ...
#protest #extortion #violence #publicsafety #Surrey #BC
https://www.cbc.ca/news/canada/british-columbia/3-charged-surrey-bc-extortion-shooting-9.7071655?cmp=rss

#Trump slashes #tariffs on #India after PM #Modi agrees to stop buying #Russia #oil & purchase crude imports from #Venezuela & the #US

#geopolitics #extortion #MafiaState #economy
https://apnews.com/article/trump-india-tariffs-russia-oil-7ca672c7d00d543782d61116e482172c?utm_source=onesignal&utm_medium=push&utm_campaign=2026-02-02-US+tariffs

Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft

Threat actors associated with ShinyHunters-branded extortion operations are expanding their tactics, targeting cloud-based SaaS applications for data theft and extortion. The attackers use sophisticated voice phishing and credential harvesting to gain initial access, then exfiltrate sensitive data from various platforms. They employ aggressive extortion tactics, including harassment and DDoS attacks. The activity involves multiple threat clusters (UNC6661, UNC6671, UNC6240) and targets a growing number of cloud platforms. The attackers leverage social engineering to bypass MFA and use tools like ToogleBox Recall to cover their tracks. This activity highlights the effectiveness of social engineering and the importance of phishing-resistant MFA methods.

Pulse ID: 697dc01e979a31197f296e38
Pulse Link: https://otx.alienvault.com/pulse/697dc01e979a31197f296e38
Pulse Author: AlienVault
Created: 2026-01-31 08:41:02

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CredentialHarvesting #CyberSecurity #DDoS #DataTheft #DoS #Extortion #ICS #InfoSec #MFA #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault

3 arrested after early-morning shots fired in Surrey, police suspect extortion

Police say another shooting in Surrey, B.C., is believed to be linked to extortion, as these crimes have…
#NewsBeep #News #Headlines #CA #Canada #extortion #Surreypolice
https://www.newsbeep.com/381373/

3 arrested after early-morning shots fired in Surrey, police suspect extortion
Police were patrolling the area around Crescent Road and 132 Street in Surrey before 4 a.m. Sunday when they received reports of gunshots and a small fire outside a residence.
#crime #police #extortion #Surrey #CrescentRoad #132Street
https://globalnews.ca/news/11647469/three-arrested-extortion-surrey/

Global News BC | 3 arrested after early-morning shots fired in Surrey, police suspect extortion

Police were patrolling the area around Crescent Road and 132 Street in Surrey before 4 a.m. Sunday when they received reports of gunshots and a small fire outside a residence.

#GlobalNewsBC #BCNews #Canada #Extortion #SurreyPolice

"Some universities paid the government millions of dollars; others paid nothing but agreed to policy or personnel changes. But a common theme has emerged over the past year: The administration is seeking to alter the culture at these powerful institutions, barring them, for instance, from supporting programs aimed at diversity, equity and inclusion."

https://www.npr.org/2026/01/29/nx-s1-5559293/trump-settlements-colleges-universities

#colleges #universities #HigherEd #academia #diversity #equity #inclusion #extortion #USpol

⚠️ 0APT ransomware adds 60 new victims worldwide Still questioning about the group, #0APT has listed 60 additional global victims on its DLS, expanding its impact across multiple sectors. #ransomNews #ransomware #extortion

Extortion Campaign Targeting SaaS Platforms via Vishing

Pulse ID: 697e72057de3c43019cf84ab
Pulse Link: https://otx.alienvault.com/pulse/697e72057de3c43019cf84ab
Pulse Author: cryptocti
Created: 2026-01-31 21:20:05

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Extortion #InfoSec #OTX #OpenThreatExchange #bot #cryptocti

It's been a busy 24 hours in the cyber world with significant updates on actively exploited zero-days, nation-state attacks on critical infrastructure, sophisticated vishing campaigns, and the evolving threat landscape of AI. Let's dive in:

Ivanti EPMM Zero-Days Under Active Exploitation ⚠️

- Ivanti has patched two critical zero-day vulnerabilities (CVE-2026-1281, CVE-2026-1340) in its Endpoint Manager Mobile (EPMM) product, both rated CVSS 9.8 for unauthenticated remote code execution (RCE).
- These flaws are actively being exploited in a limited number of customer environments, allowing threat actors to gain administrative access, move laterally, and potentially access sensitive data like phone numbers and GPS locations.
- While specific IOCs are scarce, defenders should scrutinise Apache access logs for unusual GET requests with bash commands in In-House Application Distribution and Android File Transfer Configuration features, and look for unexpected web shells or WAR/JAR files. If compromised, a full restore from backup or migration to a new EPMM instance is recommended.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2026/01/30/ivanti_epmm_zero_days/

Coordinated Cyber Attacks on Polish Critical Infrastructure 🚨

- CERT Polska has detailed coordinated destructive cyber attacks on over 30 wind and solar farms, a manufacturing company, and a combined heat and power (CHP) plant in Poland on December 29, 2025.
- The attacks, attributed to Russia's FSB-linked Static Tundra (aka Berserk Bear, Ghost Blizzard), involved reconnaissance, firmware damage, file deletion, and deployment of custom wiper malware like DynoWiper and LazyWiper.
- Initial access was gained via vulnerable Fortinet perimeter devices and statically defined accounts lacking two-factor authentication, with attackers also exfiltrating data related to OT network modernisation and SCADA systems from M365 services.

📰 The Hacker News | https://thehackernews.com/2026/01/poland-attributes-december-cyber.html

ShinyHunters-Style Vishing Bypasses MFA for SaaS Data Theft 🔒

- Mandiant has observed an expansion of financially motivated ShinyHunters-style (UNC6240) activity, tracked as UNC6661 and UNC6671, using advanced vishing and fake credential harvesting sites.
- These groups impersonate IT staff to trick employees into providing SSO credentials and MFA codes, then register their own devices for MFA to access cloud SaaS platforms, exfiltrate sensitive data, and extort victims.
- Organisations should enhance help desk verification processes, enforce strong passwords, remove SMS/phone/email as MFA options, restrict management access, and implement robust logging and detection for MFA lifecycle changes and SaaS export behaviours, moving towards phishing-resistant MFA like FIDO2.

📰 The Hacker News | https://thehackernews.com/2026/01/mandiant-finds-shinyhunters-using.html

Iran-Linked RedKitten Uses AI for Human Rights NGO Targeting 🐱

- A Farsi-speaking threat actor, RedKitten, linked to Iranian state interests, is targeting human rights NGOs and activists, likely leveraging large language models (LLMs) for tooling development.
- The campaign uses macro-laced Excel documents (fabricated protestor death details) in 7-Zip archives as lures, dropping a C#-based SloppyMIO implant via AppDomainManager injection.
- SloppyMIO uses GitHub as a dead drop resolver for Google Drive URLs, steganographically retrieving configuration for its Telegram Bot API-based command-and-control, enabling command execution, file exfiltration, and persistence.

📰 The Hacker News | https://thehackernews.com/2026/01/iran-linked-redkitten-cyber-campaign.html

Agentic AI: The Next Big Attack Surface 🤖

- A Dark Reading poll indicates that agentic AI is widely expected to become the top attack vector by the end of 2026, due to the expanded attack surface from agents' high access and autonomy, especially with insecure code and "shadow AI."
- Experts highlight that the primary vulnerability lies in what compromised AI agents can access, stressing that authentication and access control, rather than AI safety features, are the critical battleground for securing autonomous systems.
- Deepfakes are also rising as a major social engineering vector for high-value targets, while the adoption of phishing-resistant passkeys is lagging, leaving organisations vulnerable as agentic systems proliferate.

🕶️ Dark Reading | https://www.darkreading.com/threat-intelligence/2026-agentic-ai-attack-surface-poster-child

#CyberSecurity #ThreatIntelligence #Vulnerabilities #ZeroDay #RCE #Ivanti #NationState #APT #CriticalInfrastructure #Poland #Russia #Wiper #ShinyHunters #Vishing #MFA #SaaS #Extortion #Iran #RedKitten #LLM #AI #Deepfakes #ThreatLandscape #InfoSec #CyberAttack #Malware #IncidentResponse

Jeffrey Epstein: International Moneyman of Mystery

#mossad #trumpEpstein #epsteinTrump #chidRape #extortion #corruption #blackmail #AIPAC #ariBenManashe #ghislane #robertMaxwell #megaGroup #DMI #lesWexner #charlesBronfman #embezzlement #moneyLaundering #corruption #hasbara #CUFI #CFR #zionistWhitesupremacy

https://nymag.com/nymetro/news/people/n_7912/

#PaneraBread #DataBreach

What Happened
In January 2026, PANERA BREAD suffered a data breach that exposed 14M records. After an attempted #extortion failed, the attackers published the data publicly, which included 5.1M unique #emailaddresses along with associated account information such as names, #phonenumbers and physical #addresses. Panera Bread subsequently confirmed that "the #data involved is contact information" and that authorities were notified.

https://haveibeenpwned.com/Breach/PaneraBread

CW: detailed reports of #sexualAbuse #trafficking #childAbuse #extortion #murder #rapeDrug

https://www.meidasplus.com/p/doj-just-deleted-this-document-from

#epsteinFiles
#DOJ
#TrumpSexualAbuseOfChildren
#Musk
#GOP

Midas have added an uodate to the linked article:

"UPDATE: As of 2:17pm ET on 1/30/26, the document is once again appearing on the DOJ website. We are looking through to see if additional redactions were made."

This is what #Canada have to endure from Trump and the #USA. It is downright criminal and #extortion to behave like that. Are they nuts? #Alberta #albertaseparatism #theFools
https://youtu.be/6pnHBXQMe_s

#TomHoman did not give a specific timeline for how long he would stay in #Minnesota.

“I’m staying until the problem’s gone,” Bag-o’-cash Homan said, adding that he has met elected officials & law enforcement leaders across the city & state, seeking to find common ground & suggested that he’s made some progress.

#Trump #MafiaState #extortion #law #DueProcess #CivilRights #UseOfForce #murder #ICE #CBP #Sturmabteilung #fascism #tyranny

“Give us access to illegal aliens, public safety threats in the safety & security of a jail,” #TomHoman said.

Bag-o’-cash Homan acknowledged that #immigration enforcement operations in #Minnesota haven’t been perfect [AYFKM?] but was also adamant that the admin isn’t surrendering their mission.

#Trump #MafiaState #extortion #law #DueProcess #CivilRights #UseOfForce #ExcessiveForce #PoliceBrutality #ExtraJudicialKillings #murder #ICE #CBP #Sturmabteilung #fascism #tyranny

#Extortion

#Trump border czar suggests a possible drawdown in #Minnesota but only after ‘cooperation’

Trump’s border czar #TomHoman said Thursday that the number of #immigration enforcement “officers” in MN will be reduced only after cooperation from state officials, & that he has “zero tolerance” for #protesters who assault his officers or impede their work.

#MafiaState #law #DueProcess #CivilRights #UseOfForce #PoliceBrutality #murder #ICE #CBP #Sturmabteilung
https://apnews.com/article/homan-minneapolis-immigration-enforcement-0d559bf53b630d7cc525fd3219f430ba?utm_source=onesignal&utm_medium=push&utm_campaign=2026-01-29-Breaking+News

#Extortion

Client Info