Reuters reports: Thousands of computer servers have been targeted by a global ransomware hacking attack targeting VMware (VMW.N) ESXi servers, Italy’s National Cybersecurity Agency (ACN) said on Sunday, warning organisations to take action to protect their systems. The hacking attack sought to exploit a software vulnerability, ACN director general Roberto Baldoni told Reuters, adding it was on…
Category: Malware
WVa: Cybersecurity Incident Under Investigation in Berkeley County Schools — 19,000 Students Have Day Off
Marsha Chwalik reports: Students got the day out of school in Berkeley County on Monday (February 06), but it was a workday for staff. This after a cybersecurity incident in the district Friday. Berkeley County Schools sent out a message saying they are investigating the “cause and scope.” Berkeley County Schools experienced a network…
The FBI tried in vain: The Russian case against REvil turned out to be insignificant
The following is a machine translation of an article on Kommersant.ru: The FBI tried in vain. As it became known to “Kommersant”, the investigative department of the Ministry of Internal Affairs of the Russian Federation completed the investigation of the criminal case of the so-called international group of hackers REvil, information about which was provided…
Four more attacks on the healthcare sector, weekend edition
UPDATE of Feb. 10, 2023: Regal Medical Group notified HHS that their incident impacted 3,300,638 patients. Original Post: It may be the weekend, but there’s no rest for the weary when it comes to tracking attacks on the healthcare sector. Here are four more incidents you may not have heard about already: Cardiovascular Associates Cardiovascular…
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide; more than 500 systems affected already
Sergiu Gatlan reports: Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware. Tracked as CVE-2021-21974, the security flaw is caused by a heap overflow issue in the OpenSLP service that can be exploited by unauthenticated…
Hackers who breached ION say ransom paid; company declines comment
Raphael Satter reports: The hackers who claimed responsibility for a disruptive breach at financial data firm ION say a ransom has been paid, although they declined to say how much it was or offer any evidence that the money had been handed over. ION Group declined to comment on the statement. Lockbit communicated the claim…