| ~7 MIN READ |
|
Nothing says "healthy incident response" like paying a ransom in secret and hoping nobody finds the receipts. This week's a reminder that the leak you should worry about isn't always the breach. Sometimes it's the negotiation transcript.
Secrecy is getting harder to maintain in cyber, whether you're a government agency hiding a ransom payment or an AI agent that can't tell a real GitHub Issue from an attacker's instructions. Here's what leaked, what broke, and what to actually do about it. PS: Was this forwarded to you? Subscribe free at exzeccyber.com/subscribe → |
|
In this edition
|
DATA EXTORTION
💰 A County Paid $1 Million to Make an Extortion Gang Go Away. It Didn't Tell Anyone.
Intro
Leaked negotiation transcripts have exposed a secret ransom deal between a U.S. county government, believed to be Union County, Ohio, and a data-extortion gang called Kairos.
What Happened
After stealing roughly 2 terabytes of resident data, including Social Security numbers and medical records, Kairos opened negotiations at $3 million. The county countered at $100,000. Over several rounds the two sides settled at $1 million in Bitcoin, paid quietly and never publicly disclosed until a threat researcher obtained the chat logs this month.
Why It Matters
The county has no technical way to verify Kairos actually deleted the stolen data. It paid for a promise, not proof, and residents whose SSNs were in that stolen 2TB found out about the deal from a leaked transcript, not from their own government.
The Other Side
Negotiators argue quiet payment can be the least-bad option when the alternative is a full public dump of resident data with zero leverage to stop it.
TL;DR: A county paid $1 million to a data-extortion gang in secret. A leaked transcript just made it very public.
Further reading: The Register
|
|
Dictate code. Wispr tags the files.
Speak your PR description, bug reproduction, or Cursor prompt. Wispr Flow auto-tags file names, preserves variable names, and formats everything for immediate paste into GitHub, Jira, or your editor.
No re-typing. No context gaps. No mangled syntax. Works natively inside Cursor, Warp, and every IDE at the system level.
4x faster than typing. 89% of messages sent with zero edits. Used by engineering teams at OpenAI, Vercel, and Clay.
|
|
|
Why did one company's AI work, and another's didn't?
One had a dedicated owner. Resolution rate: 48.9%. One didn't: 0.38%. See the full breakdown.
Strange but real
🎽 The Fastest Way Into a Fortune 500 Building Is Apparently Saying "Yes, I'm Here for the Wi-Fi"
Intro
A professional red teamer walked into a Fortune 500 company's office, claimed he was there to fix the Wi-Fi, and walked out with a $250,000 championship trophy in his backpack.
What Happened
The building's wireless network was genuinely glitchy thanks to nearby construction, which gave the red teamer's team perfect cover to wander around with laptops and antennas. In the marketing department, he found one of the sponsor company's prize trophies sitting in its display case. When an employee spotted him removing it and asked if he was there to fix the Wi-Fi, he said yes. She let him walk out the door.
Why It Matters
He kept the trophy for two and a half weeks before anyone noticed it was gone, then revealed it during his security presentation to the company's executives.
The Other Side
The employee's instinct wasn't unreasonable. Someone who looks like they belong and offers a plausible explanation usually does belong. That's exactly the trust attackers exploit.
TL;DR: A red teamer said "yes" to a Wi-Fi question and walked out with a $250,000 trophy.
Further reading: The Register
|
Claude vs Gemini. OpenAI vs Anthropic. Which lab ships next? Real money on all of it. Kalshi is the CFTC-regulated prediction market for tech readers. Trade what you know.



