Sign up to save your podcasts
Or
Share Ransomware Gangs Are Teaming Up
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Ransomware Gangs Are Teaming Up
Ransomware gangs aren’t operating alone anymore and the lines between them are increasingly blurry.
In this episode of Cyberside Chats, we look at how modern ransomware groups collaborate, specialize, and team up to scale attacks faster. Using ShinyHunters’ newly launched data leak website as an example, we discuss how different crews handle access, social engineering, and data exposure, and why overlapping roles make attribution, defense, and response harder.
We also explore what this shift means for security leaders, from training and identity protection to preparing for data extortion that doesn’t involve encryption.
Key Takeaways
1. Harden identity and SaaS workflows, not just endpoints - Review help desk procedures, SSO flows, OAuth permissions, and admin access. Many recent incidents succeed without malware or exploits.
2. Train staff for voice phishing and IT impersonation - Add vishing scenarios to security awareness programs, especially for help desk and IT-adjacent roles.
3. Limit blast radius across cloud and SaaS platforms - Enforce least privilege, audit third-party integrations, and regularly review OAuth scopes and token lifetimes.
4. Plan for data extortion without ransomware - Update incident response plans and tabletop exercises to assume data theft and public exposure, even when no systems are encrypted.
5. Practice executive decision-making under data exposure pressure - Tabletop exercises should include legal, communications, and leadership discussions about public leaks, reputational risk, and extortion demands.
Resources
1. Panera Bread Breach Linked to ShinyHunters and Voice Phishing
https://mashable.com/article/panera-bread-breach-shinyhunters-voice-phishing-14-million-customers
2. BreachForums Database Leak Exposes 324,000 Accounts
https://www.bleepingcomputer.com/news/security/breachforums-hacking-forum-database-leaked-exposing-324-000-accounts/
3. BreachForums Disclosure and ShinyHunters
https://blog.barracuda.com/2026/01/26/breachforums-disclosure-shinyhunters
4. Scattered LAPSUS$ Hunters: 2025’s Most Dangerous Cybercrime
https://www.picussecurity.com/resource/blog/scattered-lapsus-hunters-2025s-most-dangerous-cybercrime-supergroup
5. Microsoft Digital Defense Report
https://www.microsoft.com/security/business/security-insider/microsoft-digital-defense-report
View all episodes
By Chatcyberside
5
22 ratings
Ransomware gangs aren’t operating alone anymore and the lines between them are increasingly blurry.
In this episode of Cyberside Chats, we look at how modern ransomware groups collaborate, specialize, and team up to scale attacks faster. Using ShinyHunters’ newly launched data leak website as an example, we discuss how different crews handle access, social engineering, and data exposure, and why overlapping roles make attribution, defense, and response harder.
We also explore what this shift means for security leaders, from training and identity protection to preparing for data extortion that doesn’t involve encryption.
Key Takeaways
1. Harden identity and SaaS workflows, not just endpoints - Review help desk procedures, SSO flows, OAuth permissions, and admin access. Many recent incidents succeed without malware or exploits.
2. Train staff for voice phishing and IT impersonation - Add vishing scenarios to security awareness programs, especially for help desk and IT-adjacent roles.
3. Limit blast radius across cloud and SaaS platforms - Enforce least privilege, audit third-party integrations, and regularly review OAuth scopes and token lifetimes.
4. Plan for data extortion without ransomware - Update incident response plans and tabletop exercises to assume data theft and public exposure, even when no systems are encrypted.
5. Practice executive decision-making under data exposure pressure - Tabletop exercises should include legal, communications, and leadership discussions about public leaks, reputational risk, and extortion demands.
Resources
1. Panera Bread Breach Linked to ShinyHunters and Voice Phishing
https://mashable.com/article/panera-bread-breach-shinyhunters-voice-phishing-14-million-customers
2. BreachForums Database Leak Exposes 324,000 Accounts
https://www.bleepingcomputer.com/news/security/breachforums-hacking-forum-database-leaked-exposing-324-000-accounts/
3. BreachForums Disclosure and ShinyHunters
https://blog.barracuda.com/2026/01/26/breachforums-disclosure-shinyhunters
4. Scattered LAPSUS$ Hunters: 2025’s Most Dangerous Cybercrime
https://www.picussecurity.com/resource/blog/scattered-lapsus-hunters-2025s-most-dangerous-cybercrime-supergroup
5. Microsoft Digital Defense Report
https://www.microsoft.com/security/business/security-insider/microsoft-digital-defense-report
More shows like Cyberside Chats: Cybersecurity Insights from the Experts
View all
No Agenda Show
5,971 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
370 Listeners
The DSR Network
1,795 Listeners
Conspirituality
2,078 Listeners
What Rough Beast
65 Listeners