Lawrence Abrams reports: New ESXiArgs ransomware attacks are now encrypting more extensive amounts of data, making it much harder, if not impossible, to recover encrypted VMware ESXi virtual machines. Last Friday, a massive and widespread automated ransomware attack encrypted over 3,000 Internet-exposed VMware ESXi servers using a new ESXiArgs ransomware. Preliminary reports indicated that the devices were breached…
Category: Of Note
U.S. and U.K. sanction TrickBot and Conti ransomware operation members
Lawrence Abrams reports: The United States and the United Kingdom have sanctioned seven Russian individuals for their involvement in the TrickBot cybercrime group, whose malware was used to support attacks by the Conti and Ryuk ransomware operation. […] Today, the United States and the United Kingdom have sanctioned seven individuals for their involvement in the…
“Now, hundreds of debts have been forgiven. Hundreds of rejections have been accepted:” Claims by hacker of Chile’s General Treasury of the Republic.
Access to Tesorería General de la República, the General Treasury of the Republic of Chile (TGR) may be up for sale on a popular hacking forum. A forum post claiming that tesorería.cl and tgr.cl had been hacked was first reported by Germán Fernández on Twitter on January 30. The post by a new forum member…
Insurers Say Cyberattack That Hit Merck Was Warlike Act, Not Covered
Richard Vanderford reports on another attempt by insurers to avoid having to cover costs involved in a cyberattack by applying the common war exclusion: The costly NotPetya cyberattack, which the U.S. blamed on Russia, should be considered a “cyber nuclear attack,” insurers argued as they urged judges to overturn a legal win by Merck & Co. in…
CISA Releases Recovery Tool for VMware Ransomware Victims
Phil Muncaster reports: The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new script designed to help ransomware victims recover any VMware virtual machines (VMs) impacted by a current global campaign. Ransomware payment tracker Ransomwhere estimated the number of victims at 3800, based on an “internet-wide” scanning effort on Monday. It said four payments had been made…
Hong Kong police and Interpol uncover servers and apps used by global phishing syndicate
Clifford Lo reports: Hong Kong police have cracked the local operation of an international phishing syndicate that used 563 bogus mobile applications to spy on phones globally and steal information. Officers also tracked down 258 servers around the world that were linked with the apps, according to Senior Superintendent Raymond Lam Cheuk-ho of the force’s…