FreshRSS

The Hacker News

Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems

By Ravie Lakshmanan — May 11th 2023 at 10:32
Multiple threat actors have capitalized on the leak of Babuk (aka Babak or Babyk) ransomware code in September 2021 to build as many as nine different ransomware families capable of targeting VMware ESXi systems. "These variants emerged through H2 2022 and H1 2023, which shows an increasing trend of Babuk source code adoption," SentinelOne security researcher Alex Delamotte said in a report
The Hacker News

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

By Ravie Lakshmanan — February 16th 2023 at 10:13
More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered "two hosts with strikingly similar ransom notes dating back to mid-October 2022, just after ESXi versions 6.5 and 6.7 reached end of life."
The Hacker News

New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool

By Ravie Lakshmanan — February 11th 2023 at 13:36
After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The emergence of the new variant was reported by a system administrator on an online forum, where another participant stated that files larger than 128MB
Naked Security

VMWare user? Worried about “ESXi ransomware”? Check your patches now!

By Paul Ducklin — February 7th 2023 at 19:59
To borrow from HHGttG, please DON'T PANIC. But if you are two years out of date with patches, please do ACT NOW!

The Hacker News

VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree

By Ravie Lakshmanan — February 7th 2023 at 10:21
VMware on Monday said it found no evidence that threat actors are leveraging an unknown security flaw, i.e., a zero-day, in its software as part of an ongoing ransomware attack spree worldwide. "Most reports state that End of General Support (EoGS) and/or significantly out-of-date products are being targeted with known vulnerabilities which were previously addressed and disclosed in VMware