Eldorado, a new ransomware group, is focusing its attacks on US organizations.

Eldorado, a new ransomware-as-a-service (RaaS) group, has been linked to 16 ransomware attacks, with 13 occurring in the United States. The group targets VMware ESX servers and focuses on industries such as real estate, education, professional services, healthcare, and manufacturing. Eldorado first appeared on the “RAMP” forum in March 2024 and distributes versions of the …

Enhancing Client Security and Protecting Against Cloud Identity Attacks: IBM Consulting Partners with Microsoft

IBM and Microsoft have announced a strengthened collaboration on cybersecurity to assist clients in simplifying and modernizing their security operations and managing and protecting their identities in the hybrid cloud environment. This collaboration comes as organizations increasingly adopt hybrid cloud and AI technologies to drive innovation, necessitating advanced security capabilities to safeguard their most crucial …

Guarding Supply Chain Software from Security Attacks with HPE

HPE is dedicated to enhancing and sustaining a secure and resilient supply chain environment to protect its customers against cyber threats, thus ensuring the security and efficiency of their business operations. The company is committed to investing in cybersecurity measures across its value chain and developing innovative solutions to reinforce the safety and transparency of …

Sources say that China hacked HPE and IBM before launching attacks on their clients in an exclusive breach.

Hackers linked to China’s Ministry of State Security infiltrated the networks of Hewlett Packard Enterprise Co and IBM, using their access to hack into their clients’ computers. The attacks were part of the Cloudhopper campaign, targeting technology service providers to steal their clients’ secrets. While the specific MSPs targeted were not identified, IBM and HPE …

Intel Report: Ukraine’s Satellite Crowdfunding Used for Attacks on 1,500 Russian Targets

A recent report from Kyiv’s military intelligence service (HUR) revealed that a surveillance satellite acquired through a Ukrainian crowdfunding campaign has been instrumental in targeting over 1,500 Russian assets. The satellite, developed by ICEYE Ltd., has captured thousands of images of Russian military facilities, including airfields, naval bases, and missile production sites. These images have …

Important VMware vulnerabilities allow for Remote Code Execution attacks – Latest news and analysis from Spiceworks

Several critical vulnerabilities have been discovered in VMware software that could allow remote code execution attacks. These vulnerabilities were found in VMware vCenter Server, a centralized management tool for virtualized environments. The security flaws could potentially allow threat actors to gain control of systems, access sensitive information, and disrupt operations. The vulnerabilities affect versions 6.5, …

Chinese cyber espionage group leveraging zero-day attacks on Fortinet and VMware

A recent report by Mandiant has revealed that a China-linked cyber espionage actor known as UNC3886 has been exploiting zero-day vulnerabilities in Fortinet, Ivanti, and VMware devices. This threat actor has been using multiple persistence mechanisms to maintain access to compromised environments, including network devices, hypervisors, and virtual machines. The attacks orchestrated by UNC3886 have …

Boeing Reveals Ransomware Tactics in Response to Increasing Citrix Bleed Attacks

Aerospace company Boeing recently experienced a ransomware attack and has shared details with the cybersecurity agency CISA. This move is seen as historic for a company of Boeing’s size. The advisory, published on November 22, includes tactics, techniques, and procedures provided by the FBI and other agencies. CISA director Jen Easterly praised Boeing for its …

Hospital outages prompt HHS warning about ‘Citrix Bleed’ attacks

The U.S. Department of Health and Human Services has issued a warning to hospitals and healthcare facilities regarding a vulnerability known as “Citrix Bleed” that is being exploited by ransomware gangs. This vulnerability, tracked as CVE-2023-4966, affects Citrix NetScaler ADC and NetScaler Gateway appliances used by enterprises for managing network traffic. Several companies, including Toyota …

Citrix NetScaler ADC and Gateway Vulnerable to New Zero-Day Attacks, Warns TechTarget

Citrix’s NetScaler ADC and NetScaler Gateway products have been targeted once again by two new zero-day vulnerabilities. The vulnerabilities, known as CVE-2023-6549 and CVE-2023-6548, were recently disclosed and patched. CVE-2023-6549 is considered a high severity denial of service flaw, while CVE-2023-6548 allows for remote code execution in management interfaces by authenticated attackers. Exploits for these …