1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Widespread cyberattack hits servers across Europe

    From TechnologyDaily@1337:1/100 to All on Mon Feb 6 12:30:03 2023
    Widespread cyberattack hits servers across Europe

    Date:
    Mon, 06 Feb 2023 12:16:05 +0000

    Description:
    A two-year-old flaw is being leveraged semi-automated in ransomware attacks, experts claim.

    FULL STORY ======================================================================

    Hackers are exploiting a known vulnerability in VMwares ESXi servers on a
    huge scale, targeting endpoints across Europe and North America, government officials and company spokespeople have confirmed.

    Italys National Cybersecurity Agency (ACN) has warned businesses using these VMware products to update their devices immediately, and thus stay safe from the ongoing cybercrime campaign.

    ANSA (a major Italian news agency) further said that besides servers in
    Italy, hackers also targeted those located in France, Finland, the United States, and Canada. 500 victims and counting

    Reports have claimed dozens of organizations in Italy were affected by the campaign. The agency says companies were warned to take action to avoid being locked out of their systems, suggesting that the attackers were using the vulnerability in ransomware campaigns.

    Across the Atlantic, US cybersecurity officials were analyzing the incoming reports:

    "CISA is working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed," Reuters cited the US Cybersecurity and Infrastructure Security Agency.

    A VMware spokesperson said the hackers were abusing a flaw that was
    discovered in early 2021, and patched in February of that year. The company also urged its customers to apply the patch immediately. Read more

    You're a ransomware victim: Here's 5 things you should do


    This new ransomware is seeing rapid growth, so beware


    Remove viruses and ransomware with the best malware removal

    A separate report published by The Stack claims more than 500 companies have so far been affected by the campaign and indeed, it was a ransomware attack. Businesses in France are allegedly worst-hit. The countrys national
    government computer security incident response team, CERT-FR, says the attack is semi-automated, targeting servers vulnerable to CVE-2021-21974.

    The flaw is described as an OpenSLP HeapOverflow vulnerability, allowing threat actors to execute code remotely.

    So far, we dont know which ransomware group initiated the attack and which encryptor is being deployed, but reports are saying that roughly 20 servers get hit every hour. Here's our rundown of the best firewalls right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/widespread-cyberattack-hits-servers-across-euro pe


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)