New Linux variant of Clop Ransomware uses a flawed encryption algorithm

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. SentinelLabs researchers have observed the first Linux variant of the Clop ransomware. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to decrypt...

6h

VMware has no evidence of zero-day exploitation in ESXiArgs ransomware attacks

VMware said there is no evidence that threat actors are exploiting a zero-day flaw in its software as part of an ongoing ESXiArgs ransomware campaign. VMware said that it found no evidence that the threat actors behind the ongoing ESXiArgs ransomware attacks are leveraging a zero-day vulnerability in VMware ESXi servers. “VMware...

14h

OpenSSH addressed a new pre-auth double free vulnerability

The maintainers of OpenSSH address multiple security issues, including a memory safety bug in the OpenSSH server (sshd). The maintainers of OpenSSH have addressed a number of security vulnerabilities with the release of version 9.2. One of the issues addressed by the maintainers is a memory safety bug in the OpenSSH server (sshd)...

19h

Anonymous leaked 128GB of data stolen from Russian ISP Convex revealing FSB’s warrantless surveillance

The popular collective Anonymous has leaked 128 GB of data allegedly stolen from the Russian Internet Service Provider Convex. The collective Anonymous released last week 128 gigabytes of documents that were allegedly stolen from the Russian Internet Service Provider Convex. The huge trove of data was leased by an affiliate of Anonymous’s affiliate...

22h

Italy, France and Singapore Warn of a Spike in ESXI Ransomware

ESXi ransomware targeted thousands of VMware servers in a global-scale campaign, security experts and international CERTs warn. Thousands of computer servers have been targeted by a global ransomware hacking attack targeting VMware (VMW.N) ESXi servers. ESXi is VMware’s hypervisor, a technology that allows organizations to host several...

1d

Royal Ransomware adds support for encrypting Linux, VMware ESXi systems

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Other ransomware operators already support Linux encrypting,...

1d

Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers

The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers worldwide, including Italian systems. The attackers are attempting to exploit the CVE-2021–21974...

1d

Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT

Microsoft attributes a recent cyber attack against the satirical French magazine Charlie Hebdo to an Iran-linked NEPTUNIUM APT group.  Microsoft’s Digital Threat Analysis Center (DTAC) attributes a recent cyberattacks against the satirical French magazine Charlie Hebdo to an Iran-linked threat actor tracked as NEPTUNIUM (aka Emennet Pasargad,...

2d

Security Affairs newsletter Round 405 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities CatalogGoAnywhere...

2d

CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog

US CISA added actively exploited vulnerabilities in SugarCRM and Oracle products to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added Oracle and SugarCRM flaws, respectively tracked as CVE-2022-21587 and CVE-2023-22952, to its Known Exploited Vulnerabilities Catalog. The...

3d