Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

DragonForce Ransomware group is targeting Saudi Arabia

Resecurity researchers reported that DragonForce ransomware targets Saudi organizations rising cyber threats in the region. DragonForce ransomware has recently been reported to target organizations in the Kingdom of Saudi Arabia (KSA). A significant incident identified by Resecurity involved a data leak from a prominent real estate and construction company in Riyadh, which has projects with […]

DragonForce ransomware

Resecurity researchers reported that DragonForce ransomware targets Saudi organizations rising cyber threats in the region.

DragonForce ransomware has recently been reported to target organizations in the Kingdom of Saudi Arabia (KSA). A significant incident identified by Resecurity involved a data leak from a prominent real estate and construction company in Riyadh, which has projects with major conglomerates in the energy, oil and gas, government, and defense sectors.

DragonForce ransomware

This ransomware attack is part of a broader trend of cyber threats facing the region, particularly against critical infrastructure and major corporations. The new incident is an important signal to local law enforcement and the cybersecurity community, as new victims will soon appear in the MENA region. The attack will likely expand beyond the MENA region as their techniques prove effective.

It is the first time the ransomware gang has targeted a large KSA enterprise entity. According to claims made by the actors, the total volume of exfiltrated data exceeds 6 TB. Notably, the target and timing were not chosen randomly. Initially announced on February 14, 2025, DragonForce started to extort the victim to pay to prevent the publication of stolen data. The deadline was set for one day before Ramadan begins on February 28, 2025.

“As soon as the deadline had been reached, DragonForce released the leaked data consisting of over 6 TB of files, which included internal and confidential documents related to the operations and clients of the company. Typically, the group created a dedicated URL for this that was different from the official DLS site.” reads the report published by Resecurity.

The targeting of KSA by ransomware groups like DragonForce raises concerns about the security of critical infrastructure in the region. Resecurity and other cybersecurity experts warn that such attacks will have severe implications for the affected companies, national security, and economic stability.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, DragonForce ransomware)