FBI Is Warning Companies To Patch Their Oracle Databases Immediately
This is the online edition of The Wiretap newsletter, your weekly digest of cybersecurity, internet privacy and surveillance news.
An infamous ransomware group called Clop is back in town and causing chaos.
Over the past week, Google, the FBI and numerous security firms have warned about the hackers’ “mass extortion” attempts, where they threaten execs with leaking information stolen from their companies’ Oracle databases unless a ransom is paid.
“This is a ‘stop-what-you’re-doing and patch immediately’ vulnerability,” wrote FBI cyber division assistant director Brett Leatherman. “The bad guys are likely already exploiting in the wild, and the race is on before others identify and target vulnerable systems.”
It was unclear at first whether there were actual victims or if it was Clop playing games, but experts from Google’s Mandiant cybersecurity team said over the weekend that it had determined “several” successful breaches occurred using previously unknown and unpatched vulnerabilities, known as zero-days. The team didn’t offer specifics beyond that.
Oracle has issued a patch for the relevant vulnerabilities, which affected its E-Business Suite. “This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. If successfully exploited, this vulnerability may result in remote code execution,” the company wrote in its advisory.
Per one staffer at........
© Forbes
