ransomware – Page 4 – Computer Security Articles

Credit to Author: Microsoft Threat Intelligence| Date: Mon, 29 Jul 2024 16:00:00 +0000

Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active Directory and adding an attacker-controlled user account to this group. This manipulation of the Active Directory group takes advantage of a privilege escalation vulnerability (CVE-2024-37085) in ESXi hypervisors that grants the added user full administrative access to the ESXi hypervisor. The vulnerability was fixed by VMware in their June release and ESXi administrators should install this security update.

The post Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption appeared first on Microsoft Security Blog.

Security Sophos

July 30, 2024 admin

The State of Ransomware in Healthcare 2024

Credit to Author: Sally Adam| Date: Tue, 30 Jul 2024 13:52:07 +0000

402 healthcare IT/cybersecurity leaders share their latest ransomware experiences, revealing fresh insights into the realities facing the healthcare sector today.

Security Sophos

July 24, 2024 admin

Unlocking cyber insurance savings to fund MDR

Credit to Author: Sally Adam| Date: Wed, 24 Jul 2024 09:20:51 +0000

Redirecting risk reduction spend from cyber insurance to MDR services is a win-win, resulting in better protection and lower cost coverage.

Security Sophos

July 17, 2024 admin

The State of Ransomware in Critical Infrastructure 2024

Credit to Author: Doug Aamoth| Date: Wed, 17 Jul 2024 19:22:16 +0000

275 IT/cybersecurity leaders from the energy, oil/gas and utilities sector share their ransomware experiences, providing new insights into the business impact of ransomware.

MalwareBytes Security

July 17, 2024 admin

Rite Aid says 2.2 million people affected in data breach

Rite Aid has started notifying 2.2 million people that were affected by data breach that was part of a June ransomware attack.

Independent Krebs

July 10, 2024 admin

The Stark Truth Behind the Resurgence of Russia’s Fin7

Credit to Author: BrianKrebs| Date: Wed, 10 Jul 2024 16:22:59 +0000

The Russia-based cybercrime group dubbed “Fin7,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.

Security Sophos

July 9, 2024 admin