From their notice: CoinGecko, the world’s largest independent cryptocurrency data aggregator, experienced a data breach on June 5, 2024, through its third-party email platform, GetResponse. How did the data breach happen? On June 5, 2024, around 06:30 AM UTC, we detected unusual activity on our third-party email marketing platform, GetResponse. An attacker had compromised a…
Never heard of the Embargo ransomware group? SuspectFile provides some insight.
Marco A. De Felice (aka @amvinfe) writes: Embargo is yet another ransomware group emerging in the digital extortion landscape, a group that some industry analysts compare to the much more well-known Alphv group. However, programming similarities do not align with the statements made by a group member during our interview. The program used by Embargo…
FBI Cyber Lead Urges Potential LockBit Victims to Contact Internet Crime Complaint Center
FBI Cyber Division Assistant Director Bryan Vorndran on June 5 highlighted the Bureau’s “ongoing disruption” of the LockBit ransomware group and its affiliates, and urged potential victims to contact the Bureau’s Internet Crime Complaint Center (IC3). The Bureau now has more than 7,000 LockBit decryption keys in its possession, Vorndran said in a keynote at the…
Update: London NHS hospitals revert to paper records after cyber-attack
Denis Campbell and Dan Milmo report: A cyber-attack thought to have been carried out by a Russian group has forced London NHS hospitals to resurrect long-discarded paper records systems in which porters hand-deliver blood test results because IT networks are disrupted. Guy’s and St Thomas’ trust (GSTT) has gone back to using paper, rather than computers, to…
Four arrested for allegedly attempting to sabotage Interpol criminal search system
Daryna Antoniuk reports: International law enforcement has uncovered a criminal organization operating in Moldova suspected of attempting to sabotage a system that helps Interpol members locate and arrest wanted criminals worldwide. Moldovan authorities, with help from French prosecutors and the FBI, said they conducted over 30 searches on Monday and detained four suspects linked to Belarus, Russia and Ukraine….
RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks
Jai Vijayan reports: In recent attacks involving the ominously growing RansomHub ransomware, attackers have exploited the so-called ZeroLogon flaw in the Windows Netlogon Remote Protocol from 2020 (CVE-2020-1472) to gain initial access to a victim’s environment. Prior to deploying the ransomware, the attackers have used several dual-use tools, including remote access products from companies like Atera…