The number of known Cl0p victims resulting from its Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420, according to IT market research company KonBriefing Research. The cyber extortion group has lately switched to setting up company-specific leak sites on the “surface web” (as opposed to the “dark web”, which is only reachable via specialized software), in the hopes of pushing big companies such as PWC and EY to pay the ransom.

Source: Help Net Security