Sergiu Gatlan reports: The LockBit ransomware operation has claimed the cyberattack on UK’s leading mail delivery service Royal Mail that forced the company to halt its international shipping services due to “severe service disruption.” This comes after LockBitSupport, the ransomware gang public-facing representative, previously told BleepingComputer that the LockBit cybercrime group did not attack Royal Mail. Instead, they blamed the attack…
Category: Malware
Italy warns hackers targeting known server vulnerability
Reuters reports: Thousands of computer servers have been targeted by a global ransomware hacking attack targeting VMware (VMW.N) ESXi servers, Italy’s National Cybersecurity Agency (ACN) said on Sunday, warning organisations to take action to protect their systems. The hacking attack sought to exploit a software vulnerability, ACN director general Roberto Baldoni told Reuters, adding it was on…
WVa: Cybersecurity Incident Under Investigation in Berkeley County Schools — 19,000 Students Have Day Off
Marsha Chwalik reports: Students got the day out of school in Berkeley County on Monday (February 06), but it was a workday for staff. This after a cybersecurity incident in the district Friday. Berkeley County Schools sent out a message saying they are investigating the “cause and scope.” Berkeley County Schools experienced a network…
The FBI tried in vain: The Russian case against REvil turned out to be insignificant
The following is a machine translation of an article on Kommersant.ru: The FBI tried in vain As it became known to “Kommersant”, the investigative department of the Ministry of Internal Affairs of the Russian Federation completed the investigation of the criminal case of the so-called international group of hackers REvil, information about which was provided…
Four more attacks on the healthcare sector, weekend edition
UPDATE of Feb. 10, 2023: Regal Medical Group notified HHS that their incident impacted 3,300,638 patients. Original Post: It may be the weekend, but there’s no rest for the weary when it comes to tracking attacks on the healthcare sector. Here are four more incidents you may not have heard about already: Cardiovascular Associates Cardiovascular…
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide; more than 500 systems affected already
Sergiu Gatlan reports: Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware. Tracked as CVE-2021-21974, the security flaw is caused by a heap overflow issue in the OpenSLP service that can be exploited by unauthenticated…