July 23, 2024
UPDATE:
As of July 16, 2024, FOG ransomware group created a dedicated blog on the dark web, where the group claims it will post confidential information belonging to victim companies. As previously assessed by FTI Cybersecurity, the creation of a leak site is an indicator that FOG is employing double extortion tactics, seeking to increase payouts by threatening to publish exfiltrated data if a ransom is not paid.
+++
Originally posted on July 10, 2024
The FTI Cybersecurity team released a threat intelligence report examining FOG ransomware, including the identification of a previously unobserved tactic. The report details threat activity, offers a threat assessment, and provides recommended actions.