Mandiant and Google are investigating a new extortion campaign targeting organizations by claiming data theft from Oracle E-Business Suite systems. While links to the Clop ransomware gang are suspected, there is no confirmed data breach yet. #Clop #FIN11
Keypoints
- Mandiant and Google are tracking a widespread extortion email campaign targeting multiple companies.
- The emails claim sensitive data has been stolen from Oracle E-Business Suite systems, but verification is pending.
- The campaign involves hundreds of compromised email accounts, some linked to known threat groups.
- Links to the Clop ransomware gang, known for exploiting zero-day vulnerabilities, are suspected but unconfirmed.
- Organizations are advised to investigate their systems for signs of unusual access or compromise.