Remove Encryption Remove Hacking Remove Information Security Remove Ransomware
article thumbnail

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. The attack was carried out by the Cactus ransomware gang , which claims to have stolen terabytes of corporate data from the company. The Cactus ransomware relies on multiple legitimate tools (e.g.

article thumbnail

Black Basta ransomware now supports encrypting VMware ESXi servers

Security Affairs

Black Basta ransomware gang implemented a new feature to encrypt VMware ESXi virtual machines (VMs) running on Linux servers. The Black Basta ransomware gang now supports encryption of VMware ESXi virtual machines (VMs) running on Linux servers. SecurityAffairs – hacking, Black Basta ransomware).

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Royal Ransomware adds support for encrypting Linux, VMware ESXi systems

Security Affairs

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines.

article thumbnail

Information Security News headlines trending on Google

CyberSecurity Insiders

Second is the news about a Sydney-based cancer treatment facility that became a victim of a ransomware attack. Third is the news related to the City of Dallas, where the servers of the Dallas Police Department have fallen prey to a ransomware attack, thus disrupting systems related to emergencies and other calls.

article thumbnail

Linux variant of Cerber ransomware targets Atlassian servers

Security Affairs

Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence Data Center and Server.

article thumbnail

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. “Akira threat actors utilize a sophisticated hybrid encryption scheme to lock data.

article thumbnail

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.