Sergiu Gatlan reports: Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware. Tracked as CVE-2021-21974, the security flaw is caused by a heap overflow issue in the OpenSLP service that can be exploited by unauthenticated…
Category: Malware
Hackers who breached ION say ransom paid; company declines comment
Raphael Satter reports: The hackers who claimed responsibility for a disruptive breach at financial data firm ION say a ransom has been paid, although they declined to say how much it was or offer any evidence that the money had been handed over. ION Group declined to comment on the statement. Lockbit communicated the claim…
Bits ‘n Pieces (Trozos y Piezas)
EC: Seguros Equinoccial S.A data keaked by Vice Society On January 28, data allegedly from Seguros Equinoccial S.A. was added to Vice Society’s leak site. Seguros Equinoccial offers various kinds of life, auto, corporate, and other insurance plans to individuals, families, and businesses. Inspection of the leaked data revealed a folder called “bck” with 25…
FL: Tallahassee Memorial hospital victim of suspected ransomware attack
Peter Schorsch reports: Tallahassee Memorial HealthCare is postponing all non-emergency patient procedures as officials manage an Information Technology security issue that occurred late Thursday night, according to a memo from the hospital. The IT security breach is a suspected ransomware attack, according to sources with knowledge of the situation. Read more at Florida Politics. The following…
Eight arrested for hacking bank accounts using ‘Nepali Keti’ app
Republica reports: Police have apprehended eight people involved in withdrawing hundreds of thousands of rupees by hacking bank accounts using an app called ‘Nepali Keti’. According to the police, the group of people used to get access to vital information of anyone who opened the app and then exploited the data to empty the bank…
Circles of Care sued over data breach involving confidential and sensitive information
Circles of Care is a healthcare provider in Florida offering diagnostic and treatment services to those with behavioral, substance abuse, or mental health issues. In September 2022, they were the victim of a ransomware attack. Circles of Care first detected anomalous activity on their server on September 21, but according to their recent website notice,…