Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Varonis: ShinyHunters: Timing Tactics & Ransomware Surge

Varonis
07/05/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


at least my hypothesis is around timing. They seem to have really nailed when to attack a company. Now, when we think about the leaks from Zara and Carnival and 7-Eleven, we have ADT, we have Vimeo. These are all deadlines that were given to the companies of, we're going to post the data online or encrypt your systems if you don't pay us by these particular times. And they are, for lack of a better word, hot and heavy right now. They're attacking a lot of different organizations. They're carrying out a lot of attacks. Seems as though their operation is growing based off the use of initial access brokers that we saw earlier.

TL;DR

  • ShinyHunters is currently executing a high-volume attack campaign against major organizations across multiple industries, including retail, entertainment, and infrastructure.
  • The group's defining tactic is deadline-driven extortion — threatening to leak data or encrypt systems by a specific date if ransom is not paid.
  • Their operation appears to be scaling through the use of initial access brokers, enabling faster and broader targeting of new victims.

Summary

This short clip offers an analyst's perspective on the ShinyHunters threat group and what makes their current wave of attacks particularly notable. The speaker's central hypothesis centers on timing: ShinyHunters has demonstrated a sophisticated ability to identify precisely when to pressure a target organization, issuing hard deadlines that threaten either public data exposure or system encryption if ransom demands go unmet. Victims in this surge include well-known brands such as Zara, Carnival, 7-Eleven, ADT, and Vimeo — a cross-industry spread that signals the group is not narrowly focused on a single sector. The speaker characterizes the group as aggressively active right now, describing their pace as 'hot and heavy' and noting that the volume and frequency of attacks suggest a scaling operation. A key structural observation is that ShinyHunters appears to be leveraging initial access brokers to expand its reach, a tactic that allows the group to outsource the initial compromise phase and focus resources on extortion. For security teams, this clip serves as a timely warning that ShinyHunters is operationally mature, growing, and applying deliberate psychological pressure through deadline-driven extortion.

Chapters

0:00 - Timing as a Weapon
0:11 - Recent High-Profile Victims
0:27 - Growing Scale & Access Brokers

Key Quotes

0:04 "... at least my hypothesis is around timing."
0:07 "They seem to have really nailed when to attack a company."
0:27 "They are, for lack of a better word, hot and heavy right now."

FAQ

What makes ShinyHunters' current attack wave different from previous activity?

According to the speaker, the current surge is distinguished by the group's precise timing of attacks and their use of hard deadlines to pressure victims, combined with a growing operational scale enabled by initial access brokers.

Which organizations have been targeted by ShinyHunters recently?

The clip references Zara, Carnival, 7-Eleven, ADT, and Vimeo as recent victims, each given deadlines to pay before data was posted or systems were encrypted.


Categories:
  • » Webinar Library » Varonis
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Threat Intelligence
  • Security Operations
  • Short Form
  • ShinyHunters threat group
  • Ransomware extortion tactics
  • Initial access brokers
  • Data breach deadline pressure
  • Threat actor profiling
  • Cybercrime operations
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Varonis: ShinyHunters: Timing Tactics & Ransomware Surge

              Upcoming Webinar Calendar

              • 07/09/2026
                01:00 PM
                07/09/2026
                The HUMAN Experience: Empowering Agentic Trust in Practice
                https://www.truthinit.com/index.php/channel/2026/the-human-experience-empowering-agentic-trust-in-practice/
              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting a Championship-Level Security Team for Unmatched Defense Success
                https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-level-security-team-for-unmatched-defense-success/
              • 07/14/2026
                02:00 PM
                07/14/2026
                Understanding the Crucial Role of Context in AI Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-ai-data/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/21/2026
                01:00 PM
                07/21/2026
                HUMAN Dialogue: Insights from Attackers During the FIFA World Cup
                https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Innovations in Data Privacy and Digital Protection
                https://www.truthinit.com/index.php/channel/2000/insights-and-innovations-in-data-privacy-and-digital-protection/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 07/29/2026
                12:00 PM
                07/29/2026
                Unified Data Security in Action: Uncover, Analyze, and Resolve Threats
                https://www.truthinit.com/index.php/channel/2045/unified-data-security-in-action-uncover-analyze-and-resolve-threats/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Becoming Agent Ready: Insights from Cyera's Expertise
                https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jul
                09

                The HUMAN Experience: Empowering Agentic Trust in Practice

                07/09/202601:00 PM ET
                • Jul
                  14

                  Crafting a Championship-Level Security Team for Unmatched Defense Success

                  07/14/202601:00 PM ET
                  • Jul
                    14

                    Understanding the Crucial Role of Context in AI Data

                    07/14/202602:00 PM ET
                    • Jul
                      21

                      Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

                      07/21/202604:00 AM ET
                      • Jul
                        21

                        HUMAN Dialogue: Insights from Attackers During the FIFA World Cup

                        07/21/202601:00 PM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version