Security Affairs

Royal Ransomware adds support for encrypting Linux, VMware ESXi systems

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Other ransomware operators already support Linux encrypting, including AvosLocker, Black Basta, BlackMatter, HelloKitty, Hive, […]

The post Royal Ransomware adds support for encrypting Linux, VMware ESXi systems appeared first on Security Affairs.

February 6, 2023
0 comment
Read More >>

Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers

The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers worldwide, including Italian systems. The attackers are attempting to exploit the CVE-2021–21974 vulnerability. According to the ACN, most of the attacks […]

The post Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers appeared first on Security Affairs.

February 6, 2023
0 comment
Read More >>

Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT

Microsoft attributes a recent cyber attack against the satirical French magazine Charlie Hebdo to an Iran-linked NEPTUNIUM APT group.  Microsoft’s Digital Threat Analysis Center (DTAC) attributes a recent cyberattacks against the satirical French magazine Charlie Hebdo to an Iran-linked threat actor tracked as NEPTUNIUM (aka Emennet Pasargad, Holy Souls). The attack is a retaliation for […]

The post Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT appeared first on Security Affairs.

February 5, 2023
0 comment
Read More >>

Security Affairs newsletter Round 405 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog GoAnywhere MFT zero-day flaw actively […]

The post Security Affairs newsletter Round 405 by Pierluigi Paganini appeared first on Security Affairs.

February 5, 2023
0 comment
Read More >>

CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog

US CISA added actively exploited vulnerabilities in SugarCRM and Oracle products to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added Oracle and SugarCRM flaws, respectively tracked as CVE-2022-21587 and CVE-2023-22952, to its Known Exploited Vulnerabilities Catalog. The CVE-2022-21587 flaw (CVSS score 9.8) affects the Oracle E-Business Suite, which is a set […]

The post CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.

February 4, 2023
0 comment
Read More >>

GoAnywhere MFT zero-day flaw actively exploited

Threat actors are actively exploiting a zero-day vulnerability affecting Fortra’s GoAnywhere MFT managed file transfer application. Experts warn that threat actors are actively exploiting a zero-day vulnerability in Fortra’s GoAnywhere MFT managed file transfer application. The popular investigator Brian Krebs first revealed details about the zero-day on Mastodon and pointed out that Fortra has yet […]

The post GoAnywhere MFT zero-day flaw actively exploited appeared first on Security Affairs.

February 4, 2023
0 comment
Read More >>

CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers

A new wave of ransomware attacks is targeting VMware ESXi servers to deliver ransomware, CERT of France warns. The French Computer Emergency Response Team (CERT-FR) warns that threat actors are targeting VMware ESXi servers to deploy ransomware. CERT-FR reported that threat actors behind these ransomware attackers are actively exploiting the vulnerability CVE-2021-21974. “OpenSLP as used […]

The post CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers appeared first on Security Affairs.

February 4, 2023
0 comment
Read More >>

Tallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattack

The Tallahassee Memorial HealthCare (TMH) hospital in Florida was forced to take offline its systems after a cyberattack. The Tallahassee Memorial HealthCare (TMH) hospital has taken its IT systems offline and suspended non-emergency procedures after a cyberattack. The attack took place on Thursday, the cyberattack hit some of the systems at the hospital. The Tallahassee […]

The post Tallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattack appeared first on Security Affairs.

February 4, 2023
0 comment
Read More >>

Exploitation attempts for Oracle E-Business Suite flaw observed after PoC release

Threat actors started exploiting a critical Oracle E-Business Suite flaw, tracked as CVE-2022-21587, shortly after a PoC was published. Shadowserver researchers warn that threat actors have started attempting to exploit critical Oracle E-Business Suite flaw (CVE-2022-21587) shortly after a PoC was published. The E-Business Suite is a set of enterprise applications that allows organizations automate […]

The post Exploitation attempts for Oracle E-Business Suite flaw observed after PoC release appeared first on Security Affairs.

February 3, 2023
0 comment
Read More >>

VMware Workstation update fixes an arbitrary file deletion bug

VMware addressed a high-severity privilege escalation vulnerability, tracked as CVE-2023-20854, in VMware Workstation. VMware fixed a high-severity privilege escalation flaw, tracked as CVE-2023-20854, that impacts Workstation. An attacker can exploit the vulnerability to delete arbitrary files on Workstation version 17.x for Windows OS.  “An arbitrary file deletion vulnerability in VMware Workstation was privately reported to VMware. Updates are […]

The post VMware Workstation update fixes an arbitrary file deletion bug appeared first on Security Affairs.

February 3, 2023
0 comment
Read More >>