Latest News Articles
--- TLP:WHITE ---
News
− Dutch, European Hospitals ‘Hit by Pro-Russian Hackers’
Dutch cyber authorities said several hospital websites in the Netherlands and Europe were likely targeted by a pro-Kremlin hacking group because of their countries' support for Ukraine.
https://www.securityweek.com/dutch-european-hospitals-hit-by-pro-russian-hackers/− Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide
Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware.
https://www.bleepingcomputer.com/news/security/massive-esxiargs-ransomware-attack-targets-vmware-esxi-servers-worldwide/Vulnerabilities
ESXi servers worldwide encrypted using CVE-2021-21974
Attackers are exploiting ESXi servers to deploy ransomware. code on the exploited system.
https://www.ncsc.gov.ie/pdfs/NCSC_Alert_ESXi_Servers_Encrypted.pdf− CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The first of the two vulnerabilities is CVE-2022-21587 (CVSS score: 9.8), a critical issue impacting versions 12.2.3 to 12.2.11 of the Oracle Web Applications Desktop Integrator product.
https://thehackernews.com/2023/02/cisa-alert-oracle-e-business-suite-and.html− New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team (CERT) of France said in an advisory on Friday.
https://thehackernews.com/2023/02/new-wave-of-ransomware-attacks.htmlAdvisory issued by CERT-FR
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-015/Community News
CERT-EU Cyber Security Brief (January 2023)
CERT-EU analysed 248 open source reports and presented their findings.
https://cert.europa.eu/static/MEMO/2023/TLP-CLEAR-CB-23-02.pdf--- TLP:WHITE ---