CyberSecurity Updates

07 Feb

VMware ESXi Servers Targeted by Linux Variant of Royal Ransomware

Attacks, Malware

Hypervisors like ESXi continue to become more ubiquitous due to the power and convenience of managing virtual machines rather than physical ones. Unfortunately, that power and convenience also attract threat actors. The compromise of a hypervisor also implies the compromise of every virtual machine housed within. In a single stroke, dozens to hundreds of critical virtual machines could be encrypted and held for ransom. ESXi servers are particularly vulnerable, inciting the recent trend of ransomware…

Read More
07 Feb

GoAnywhere MFT Zero-Day Exploit Proof-of-Concept Released

Attacks, Malware

Any users of GoAnywhere MFT should assume compromise, and remove public-facing internet access to the tool and rotate the master encryption key and any passwords used for access. The security bulletin released by the developer includes a stacktrace that administrators can look for in the logs to determine if the exploit was uses against the system. Additionally, administrators should deploy the security patch as soon as change management allows. Companies should endeavor to always bring…

Read More
07 Feb

Clop Ransomware Targeting Linux Systems

Attacks, Malware

Ransomware groups are always working to find new targets and develop new strains of ransomware that will increase their target lists and maximize their profits. With lots of companies moving to cloud-based computing, most of it being run on Linux, this shift from Clop is not unexpected. A number of ransomware operations are now targeting vulnerable VMWare ESXi servers, thousands of which have recently transitioned to end-of-life status and are no longer receiving official security…

Read More
07 Feb

Software Supply Chain Security Firm Lineaje Raises $7 Million

Information, News

Software supply chain security startup Lineaje today announced that it has raised $7 million in a seed funding round led by Tenable Ventures. Dreamit Ventures and Veear Capital also participated in the investment round, along with various angel investors. Founded in 2021, the Saratoga, California-based company helps organizations secure their software supply chain, regardless of whether they are the developers, suppliers, or users of software. Lineaje’s SB0M360 software supply chain management solution can identify all…

Read More
07 Feb

What CISOs need to know about the renewal of FISA Section 702

Data Breaches, Malware, Social Engineering

In our hyperconnected world, multinational organizations operate within and across multiple nation-states. Those who do business within the United States will want to keep their eye on the status of Section 702 of the Foreign Intelligence Surveillance Act (FISA), which sets out procedures for physical and electronic surveillance and collection of foreign intelligence. Section 702 specifically addresses how the US government can conduct targeted surveillance of foreign persons located outside the US, with the compelled…

Read More
07 Feb

MKS Instruments falls victim to ransomware attack

Data Breaches, Malware, Social Engineering

Semiconductor equipment maker MKS Instruments is investigating a ransomware event that occurred on February 3 and impacted its production-related systems, the company said in a filing with the US Security and Exchange Commission. MKS Instruments is an Andover, Massachusetts-based provider of subsystems for semiconductor manufacturing, wafer level packaging, package substrate and printed circuit boards. An email sent to MKS Instruments seeking more information about the attack remained unanswered, while the company’s website continued to be inaccessible at the time…

Read More
06 Feb

Finnish psychotherapy extortion suspect arrested in France

Information

by Naked Security writer In October 2022, we asked you to imagine being stuck in the following awful situation: Imagine that you’d spoken in what you thought was total confidence to a psychotherapist, but the contents of your sessions had been saved for posterity, along with precise personal identification details such as your unique national ID number, and perhaps including additional information such as notes about your relationship with your family… …and then, as if…

Read More
06 Feb

Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto

Information

by Paul Ducklin DO WE REALLY NEED A NEW “WAR AGAINST CRYPTOGRAPHY”? We talk to renowned cybersecurity author Andy Greenberg about his tremendous new book, Tracers in the Dark. Hear Andy’s thoughtful commentary on cybercrime, law enforcement, anonymity, privacy, and whether we really need a “war against cryptography” – codes and ciphers that the government can easily crack if it thinks there’s an emergency – to cement our collective online security. Click-and-drag on the soundwaves…

Read More
06 Feb

Massive ransomware attack targets VMware ESXi servers worldwide

Data Breaches, Malware, Social Engineering

A global ransomware attack has targeted thousands of servers running the VMware ESxi hypervisor, with many more servers expected to be affected, according to national cybersecurity agencies and security experts around the world. The Computer Emergency Response Team of France (CERT-FR) was the first to notice and send an alert about the attack. “On February 3, CERT-FR became aware of attack campaigns targeting VMware ESXi hypervisors with the aim of deploying ransomware on them,” CERT-FR wrote. …

Read More
06 Feb

Comcast Wants a Slice of the Enterprise Cybersecurity Business

Information, News

Telco and media conglomerate Comcast has jumped headfirst into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace. The Philadelphia technology giant has created a new cybersecurity business unit led by former Zscaler executive Nicole Bucala to develop and sell what Comcast is describing as a “security data fabric platform. In a note announcing the new business unit, Comcast said the long-term plan is to…

Read More