Pierluigi Paganini
February 06, 2023
Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Other ransomware operators already support Linux encrypting, including AvosLocker, Black Basta, BlackMatter, HelloKitty, Hive, […]
Pierluigi Paganini
February 06, 2023
The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers worldwide, including Italian systems. The attackers are attempting to exploit the CVE-2021–21974 vulnerability. According to the ACN, most of the attacks […]
Pierluigi Paganini
February 05, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog GoAnywhere MFT zero-day flaw actively […]
Pierluigi Paganini
February 04, 2023
US CISA added actively exploited vulnerabilities in SugarCRM and Oracle products to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added Oracle and SugarCRM flaws, respectively tracked as CVE-2022-21587 and CVE-2023-22952, to its Known Exploited Vulnerabilities Catalog. The CVE-2022-21587 flaw (CVSS score 9.8) affects the Oracle E-Business Suite, which is a set […]
Pierluigi Paganini
February 04, 2023
Threat actors are actively exploiting a zero-day vulnerability affecting Fortra’s GoAnywhere MFT managed file transfer application. Experts warn that threat actors are actively exploiting a zero-day vulnerability in Fortra’s GoAnywhere MFT managed file transfer application. The popular investigator Brian Krebs first revealed details about the zero-day on Mastodon and pointed out that Fortra has yet […]
Pierluigi Paganini
February 04, 2023
A new wave of ransomware attacks is targeting VMware ESXi servers to deliver ransomware, CERT of France warns. The French Computer Emergency Response Team (CERT-FR) warns that threat actors are targeting VMware ESXi servers to deploy ransomware. CERT-FR reported that threat actors behind these ransomware attackers are actively exploiting the vulnerability CVE-2021-21974. “OpenSLP as used […]
Pierluigi Paganini
February 04, 2023
The Tallahassee Memorial HealthCare (TMH) hospital in Florida was forced to take offline its systems after a cyberattack. The Tallahassee Memorial HealthCare (TMH) hospital has taken its IT systems offline and suspended non-emergency procedures after a cyberattack. The attack took place on Thursday, the cyberattack hit some of the systems at the hospital. The Tallahassee […]
Pierluigi Paganini
February 03, 2023
Threat actors started exploiting a critical Oracle E-Business Suite flaw, tracked as CVE-2022-21587, shortly after a PoC was published. Shadowserver researchers warn that threat actors have started attempting to exploit critical Oracle E-Business Suite flaw (CVE-2022-21587) shortly after a PoC was published. The E-Business Suite is a set of enterprise applications that allows organizations automate […]
Pierluigi Paganini
February 03, 2023
Atlassian fixed a critical flaw in Jira Service Management Server and Data Center that can allow an attacker to impersonate another user and gain access to a Jira Service Management instance. Atlassian has released security updates to address a critical vulnerability in Jira Service Management Server and Data Center, tracked as CVE-2023-22501 (CVSS score: 9.4), […]
Pierluigi Paganini
February 03, 2023
Russia-linked threat actor Gamaredon employed new spyware in cyber attacks aimed at public authorities and critical information infrastructure in Ukraine. The State Cyber Protection Centre (SCPC) of Ukraine warns of a new wave of targeted attacks conducted by the Russia-linked APT group Gamaredon (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa). The attacks aimed at public authorities and critical information […]
APT / February 05, 2026
