Citrix Bleed Vulnerability (CVE-2023-4966) Exploited by LockBit Ransomware Affiliates

Cybersecurity agencies have issued a warning about a critical vulnerability in Citrix application delivery controllers and gateways known as CVE-2023-4966 or “Citrix Bleed.” This vulnerability allows attackers to bypass authentication and gain deep access to networks, making it easy for them to deploy ransomware and extract sensitive data. Affected versions of Citrix software include NetScaler …

New variation of Mallox ransomware focusing on privileged VMWare ESXi environments

The Mallox ransomware group is targeting VMware ESXi environments with a new Linux variant that specifically aims to deploy its payload on machines with high-level user privileges, as discovered by researchers at Trend Micro. Mallox, also known as Fargo and Tohnichi, has been active since June 2021 and has infected hundreds of organizations worldwide, primarily …

TargetCompany Ransomware Targets VMware ESXi on Linux Systems

A new Linux variant of the TargetCompany ransomware family has been identified by researchers, focusing on VMware ESXi environments and using a custom shell script to deliver payloads. The ransomware, previously known as Mallox, FARGO, and Tohnichi, emerged in June 2021 with database attacks primarily in Taiwan, South Korea, Thailand, and India. Antivirus company Avast …

TargetCompany Uses Linux Ransomware to Target VMware ESXi

BleepingComputer recently reported on a series of attacks using a Linux variant of the TargetCompany ransomware, which is also known as FARGO, Mallox, and Tohnichi. These attacks specifically targeted VMware ESXi environments and were carried out by the ransomware affiliate “Vampire,” who is also suspected of targeting vulnerable Microsoft SQL servers. The attackers used a …

TargetCompany ransomware now infecting VMware ESXi environments with Linux version

A new variant of the TargetCompany ransomware family has been discovered targeting VMware ESXi environments using a custom shell script for payload delivery and data exfiltration. This marks the first time such a technique has been observed in the wild. The Linux-based variant was specifically designed for the VMware ESXi environment. Operating since June 2021, …

HHS-HC3 Urges Hospitals to Act Quickly to Safeguard Against ‘Citrix Bleed’ Vulnerability and Ransomware Threat | AHA News

The Health Sector Cybersecurity Coordination Center of the Department of Health and Human Services is warning hospitals and other critical infrastructure about a serious ransomware threat known as the “Citrix Bleed” vulnerability. This vulnerability is being exploited by ransomware gangs like LockBit 3.0 to bypass password requirements and multi-factor authentication measures. It is crucial for …

Ransomware attacks against VMware ESXi infrastructure are using a new method

Sygnia cybersecurity experts have observed a rise in ransomware attacks targeting virtualized environments, particularly VMware ESXi infrastructure. Threat actors are exploiting vulnerabilities and misconfigurations in virtualization platforms to exfiltrate data before encrypting systems. Notorious ransomware groups such as LockBit and BlackMatter are using this attack vector. These attackers shut down virtual machines before encryption, making …

Ransomware Attacks Exploit Vulnerabilities in VMware ESXi in an Alarming Pattern

Ransomware attacks targeting VMware ESXi infrastructure follow a set pattern, with threat actors gaining access through phishing attacks and known vulnerabilities, escalating privileges to compromise ESXi hosts or vCenter, and deploying ransomware. Organizations are advised to implement monitoring and logging, robust backup mechanisms, strong authentication measures, network restrictions, and hardening of the environment to mitigate …

HPE’s Zerto Vault seamlessly integrates with Alletra Storage to enhance ransomware protection – as reported by Blocks and Files

HPE’s Zerto business unit has teamed up with the HPE Alletra MP Storage system to enhance protection against cyber attacks, specifically ransomware. The integration of Zerto’s Cyber Resilience Vault with the Alletra Storage system promises rapid recovery after attacks, utilizing enhanced immutability features to prevent threat actors from accessing data copies. The Vault, which offers …

African Chief Information Officers Taking the Lead: Embracing Multicloud, Strengthening Against Ransomware, and Advancing Sustainable IT

In the rapidly evolving world of African IT ecosystems, Chief Information Officers (CIOs) and technology leaders are facing important questions about their goals for 2024, the challenges that keep them awake at night, and where they plan to invest their resources. These leaders are looking to innovate, protect against data breaches, and embrace modernization, security, …