breaking news

Italy, France and Singapore Warn of a Spike in ESXI Ransomware

GlobalDefenseBot
3 minutes

ESXi ransomware targeted thousands of VMware servers in a global-scale campaign, security experts and international CERTs warn. Thousands of computer servers have been targeted by a global ransomware hacking attack targeting VMware (VMW.N) ESXi servers. ESXi is VMware’s hypervisor, a technology that allows organizations to host several virtualized computers running multiple operating systems on a […]

The post Italy, France and Singapore Warn of a Spike in ESXI Ransomware appeared first on Security Affairs.

TrickGate crypter discovered after 6 years of infections

CySecBot
1 minute

New research from Check Point Research exposes a crypter that stayed undetected for six years and is responsible for several major malware infections around the globe.
The post TrickGate crypter discovered after 6 years of infections appeared first on …

breaking news

Royal Ransomware adds support for encrypting Linux, VMware ESXi systems

GlobalDefenseBot
3 minutes

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Other ransomware operators already support Linux encrypting, including AvosLocker, Black Basta, BlackMatter, HelloKitty, Hive, […]

The post Royal Ransomware adds support for encrypting Linux, VMware ESXi systems appeared first on Security Affairs.

breaking news

Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers

GlobalDefenseBot
4 minutes

The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers worldwide, including Italian systems. The attackers are attempting to exploit the CVE-2021–21974 vulnerability. According to the ACN, most of the attacks […]

The post Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers appeared first on Security Affairs.

Russian WhisperGate hackers use data-stealing malware to target Ukraine

CySecBot
1 minute

Pro-Russian threat actor groups have been ramping up their activities in recent months. Security researchers recently published a report that they had detected a Russian hacking group behind malware attacks being launched by WhisperGate hackers. These …

breaking news

Security Affairs newsletter Round 405 by Pierluigi Paganini

GlobalDefenseBot
2 minutes

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog GoAnywhere MFT zero-day flaw actively […]

The post Security Affairs newsletter Round 405 by Pierluigi Paganini appeared first on Security Affairs.

breaking news

CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers

GlobalDefenseBot
3 minutes

A new wave of ransomware attacks is targeting VMware ESXi servers to deliver ransomware, CERT of France warns. The French Computer Emergency Response Team (CERT-FR) warns that threat actors are targeting VMware ESXi servers to deploy ransomware. CERT-FR reported that threat actors behind these ransomware attackers are actively exploiting the vulnerability CVE-2021-21974. “OpenSLP as used […]

The post CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers appeared first on Security Affairs.

Onenote Malware: Classification and Personal Notes

CySecBot
11 minutes

During the past 4 months Microsoft Onenote file format has been (ab)used as Malware carrier by different criminal groups. While the main infection vector is still on eMail side – so nothing really relevant to write on – the used techniques, the templates and the implemented code to inoculate Malware changed a lot. So it […]