cyber crime

A new variant of ESXiArgs ransomware makes recovery much harder

Experts warn of new ESXiArgs ransomware attacks using an upgraded version that makes it harder to recover VMware ESXi virtual machines. Experts spotted a new variant of ESXiArgs ransomware targeting VMware ESXi servers, authors have improved the encryption process, making it much harder to recover the encrypted virtual machines. The new variant was spotted less than a […]

The post A new variant of ESXiArgs ransomware makes recovery much harder appeared first on Security Affairs.

February 9, 2023
0 comment
Read More >>

Russian national pleads guilty to money laundering linked to Ryuk Ransomware operation

A Russian national pleaded guilty in the U.S. to money laundering charges linked to the Ryuk ransomware operation. On February 7, 2023, Russian national Denis Mihaqlovic Dubnikov (30) pleaded guilty in the U.S. to one count of conspiracy to commit money laundering for the Ryuk ransomware operation. Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November […]

The post Russian national pleads guilty to money laundering linked to Ryuk Ransomware operation appeared first on Security Affairs.

February 8, 2023
0 comment
Read More >>

New Linux variant of Clop Ransomware uses a flawed encryption algorithm

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. SentinelLabs researchers have observed the first Linux variant of the Clop ransomware. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to […]

The post New Linux variant of Clop Ransomware uses a flawed encryption algorithm appeared first on Security Affairs.

February 8, 2023
0 comment
Read More >>

Italy, France and Singapore Warn of a Spike in ESXI Ransomware

ESXi ransomware targeted thousands of VMware servers in a global-scale campaign, security experts and international CERTs warn. Thousands of computer servers have been targeted by a global ransomware hacking attack targeting VMware (VMW.N) ESXi servers. ESXi is VMware’s hypervisor, a technology that allows organizations to host several virtualized computers running multiple operating systems on a […]

The post Italy, France and Singapore Warn of a Spike in ESXI Ransomware appeared first on Security Affairs.

February 7, 2023
0 comment
Read More >>

Royal Ransomware adds support for encrypting Linux, VMware ESXi systems

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Other ransomware operators already support Linux encrypting, including AvosLocker, Black Basta, BlackMatter, HelloKitty, Hive, […]

The post Royal Ransomware adds support for encrypting Linux, VMware ESXi systems appeared first on Security Affairs.

February 6, 2023
0 comment
Read More >>

Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers

The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers worldwide, including Italian systems. The attackers are attempting to exploit the CVE-2021–21974 vulnerability. According to the ACN, most of the attacks […]

The post Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers appeared first on Security Affairs.

February 6, 2023
0 comment
Read More >>

CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers

A new wave of ransomware attacks is targeting VMware ESXi servers to deliver ransomware, CERT of France warns. The French Computer Emergency Response Team (CERT-FR) warns that threat actors are targeting VMware ESXi servers to deploy ransomware. CERT-FR reported that threat actors behind these ransomware attackers are actively exploiting the vulnerability CVE-2021-21974. “OpenSLP as used […]

The post CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers appeared first on Security Affairs.

February 4, 2023
0 comment
Read More >>

Tallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattack

The Tallahassee Memorial HealthCare (TMH) hospital in Florida was forced to take offline its systems after a cyberattack. The Tallahassee Memorial HealthCare (TMH) hospital has taken its IT systems offline and suspended non-emergency procedures after a cyberattack. The attack took place on Thursday, the cyberattack hit some of the systems at the hospital. The Tallahassee […]

The post Tallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattack appeared first on Security Affairs.

February 4, 2023
0 comment
Read More >>

Onenote Malware: Classification and Personal Notes

During the past 4 months Microsoft Onenote file format has been (ab)used as Malware carrier by different criminal groups. While the main infection vector is still on eMail side – so nothing really relevant to write on – the used techniques, the templates and the implemented code to inoculate Malware changed a lot. So it […]

February 4, 2023
0 comment
Read More >>

New Prilex PoS Malware evolves to target NFC-enabled credit cards

Authors of the Prolex PoS malware improved their malicious code to target contactless credit card transactions. The threat actors behind the sophisticated point-of-sale (PoS) malware Prilex have have improved its capabilities to block contactless payment transactions. Researchers from Kaspersky Lab discovered three new versions of the PoS malware designed to target credit cards using NFC technology. […]

The post New Prilex PoS Malware evolves to target NFC-enabled credit cards appeared first on Security Affairs.

February 1, 2023
0 comment
Read More >>