Global Cyber Pulse: 20 September 2024

September 20, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Marko Polo Cybercrime Gang targets cryptocurrency users and influencers, Indonesia probes an alleged data breach exposing millions, including President Jokowi, Germany seizes the leak site of the ‘Vanir’ ransomware operation, CISA adds 5 new vulnerabilities to its critical exploits list requiring immediate action, and 8000 claimants sue Capita over the 2023 data breach—stay updated on the latest trends and incidents in the global cybersecurity space.

Marko Polo Cybercrime Gang Targets Cryptocurrency Users, Influencers

A notorious cybercrime group, Marko Polo, has compromised tens of thousands of devices globally through cryptocurrency and gaming scams, according to recent findings by Recorded Future’s Insikt Group.

The group primarily focuses on high-value targets, including cryptocurrency influencers, online gaming personalities, and tech professionals. These individuals are at risk of significant financial losses if they fall victim to these sophisticated scams.

Marko Polo hackers lure victims by posing as HR or talent acquisition agents on social media, enticing them with fake job offers. Once engaged, they direct their targets to malicious websites, tricking them into downloading harmful software.

Indonesia Probes Alleged Data Breach Exposing Millions, Including President Jokowi

Indonesia’s tax agency is investigating a potential data breach that may have exposed taxpayer identification numbers of millions, including President Joko Widodo, his ministers, and family members.

The breach, shared on social media by cybersecurity expert Teguh Aprianto, revealed personal data of over six million Indonesians. This incident adds to a growing list of cyberattacks on Indonesian institutions, highlighting concerns about weak data protection protocols.

The Directorate General of Taxes is currently probing the situation but has not yet provided further details regarding the extent of the breach.

Germany Seizes Leak Site of ‘Vanir’ Ransomware Operation

German law enforcement has successfully dismantled parts of the infrastructure behind the Vanir ransomware group, which has been active in a limited number of attacks since its emergence in July.

Authorities in Karlsruhe and Baden-Württemberg seized the group’s leak site, which had listed three victims, including a German-based company. Investigations into the ransomware group have been ongoing since June, and further action is expected.

CISA Adds 5 New Vulnerabilities to Critical Exploits List: Immediate Action Required

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged five newly exploited vulnerabilities, urging organizations worldwide to take immediate action.

These vulnerabilities include weaknesses in popular platforms like Apache, Microsoft SQL Server, and Oracle WebLogic. Identified as high-risk, they are being actively exploited by cybercriminals targeting both federal and private-sector systems.

Organizations are encouraged to patch these vulnerabilities promptly to mitigate potential threats.

8000 Claimants Sue Capita Over 2023 Data Breach

Outsourcing giant Capita faces a massive legal battle as nearly 8000 claimants prepare for a High Court case following the company’s 2023 data breach.

The breach, which occurred in March and was attributed to the Black Basta ransomware group, has drawn heavy criticism from Barings Law. The firm, which represents the claimants, has condemned Capita’s handling of the situation and labeled the case the largest legal action against the company to date.

The lawsuit underscores the growing legal ramifications for companies that fail to protect sensitive data.