New Extortion Brand Uses IT Impersonation to Breach Organizations
ID: d5357cde-ac3c-5d4a-a506-0fa8e74fc59d
STIX ID: report--d5357cde-ac3c-5d4a-a506-0fa8e74fc59d
Feed Name: KnowBe4 Blog
Threat Score
A newly surfaced extortion group dubbed "Pink" is using vishing and fake helpdesk calls to harvest credentials and bypass MFA, then quickly exfiltrating data from services such as SharePoint and OneDrive to support extortion; Unit 42 and reporting link Pink to prior groups (BlackFile, Redact) and the broader "The Com" network, with domain reuse and DDoS-Guard hosting noted.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
