VMware announced it is working on patches for an important severity privilege escalation vulnerability affecting vCenter Server. VMware announced it’s working on security patches to address an important severity privilege escalation vulnerability, tracked as CVE-2021-22048, in its vCenter Server. vCenter Server is the centralized management utility for VMware and is used to manage virtual machines, multiple […]
A critical vulnerability in the WP Reset PRO WordPress plugin can allow an authenticated user to wipe the entire database of WordPress sites. Researchers from cybersecurity form Packstack have discovered a critical vulnerability in the WP Reset PRO WordPress plugin that could be exploited by an authenticated user to completely wipe the database of a […]
TeamTNT hackers are targeting poorly configured Docker servers as part of an ongoing campaign that started in October. Trend Micro researchers reported that TeamTNT hackers are targeting poorly configured Docker servers exposing Docker REST APIs as part of an ongoing campaign that started in October. Threat actors execute malicious scripts to deploy Monero cryptocurrency miners, […]
Robinhood disclosed a security breach, an unidentified threat actor gained unauthorized access to approximately 7 million customer records. Robinhood Markets, Inc. is an American commission-free stock trading and investing platform, it had 18 million accounts as of March 2021, with over $80 billion in assets. The company disclosed a data breach, a threat actor gained […]
Microsoft Patch Tuesday security updates for November 2021 address 55 vulnerabilities in multiple products and warn of two actively exploited issues. Microsoft Patch Tuesday security updates for November 2021 addressed a total of 55 vulnerabilities in Microsoft Windows and Windows Components, Azure, Azure RTOS, Azure Sphere, Microsoft Dynamics, Microsoft Edge (Chromium-based), Exchange Server, Microsoft Office […]
The Clop ransomware gang is exploiting CVE-2021-35211 vulnerability in SolarWinds Serv-U to compromise corporate networks. Threat actors always look for new ways to compromise target networks, Clop ransomware gang (aka TA505, FIN11) is exploiting CVE-2021-35211 SolarWinds Serv-U vulnerability to breach businesses’ infrastructures and deploy its ransomware. The flaw is a remote code execution vulnerability that […]
Romanian police arrested two alleged Sodinokibi/REvil ransomware affiliates accused to have orchestrated attacks against thousands of victims. Romanian law enforcement agencies have arrested two alleged Sodinokibi/REvil ransomware affiliates on November 4, that are accused of having conducted attacks against thousands of victims. The arrests are the result of an international operation carried out in cooperation […]
The U.S. government offers up to $10 million for identifying or locating leaders in the REvil/Sodinokibi ransomware operation The Department of State offers up to $10 million for information that can lead to the identification or location of individuals in key leadership positions in the REvil/Sodinokibi ransomware operation. The US government also offers $5 million […]
The US DoJ has charged a REvil ransomware affiliate that is suspected to have orchestrated the attack on Kaseya MSP platform in July. The US Department of Justice has charged a REvil ransomware affiliate for orchestrating the ransomware attacks on Kaseya MSP platform that took place in July 4. The suspect is 22-year old Ukrainian national Yaroslav […]
Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Electronics retail giant MediaMarkt was a victim of a ransomware attack that forced the company to shut down its IT infrastructure to contain the threat and disrupted store operations in the Netherlands and Germany. Media Markt is a […]