Dashlane password manager open-sourced its Android and iOS apps -
Follow
BleepingComputer
@BleepinComputer
Breaking technology news, security guides, and tutorials that help you get the most from your computer. DMs are open. Feel free to use it to send story tips.
BleepingComputer’s Tweets
New Dingo crypto token found charging a 99% transaction fee -
5
12
14
Linux version of Royal Ransomware targets VMware ESXi servers -
28
28
Add new skills to your resume with this Stone River eLearning deal
6
8
The /store/packages/vmtools.py Python script is likely the same ESXi backdoor reported by / in December 2022.
13
22
Show this thread
The article received a large update from to include technical details.
A script used to encrypt files references a likely backdoor installed to /store/packages/vmtools.py.
All compromised Vmware ESXi servers should be checked to ensure this file was deleted.
1
19
32
Show this thread
As of this morning, the ESXiArgs ransomware campaign has encrypted at least 501 VMware ESXi servers according to Shodan.
2
19
32
Show this thread
NY attorney general forces spyware vendor to alert victims -
29
35
Work anywhere with this Desklab 4K portable monitor deal
1
7
10
Bermuda hit by widespread internet outage amid power cut -
17
24
Thx continued: , , , , , and .
Sorry if we missed anyone!
3
7
Show this thread
Thx to those who shared ransomware info this week: , , , , , , , , , , , , , ,
1
2
6
Show this thread
The Week in Ransomware - February 3rd 2023 - Ending with a mess -
2
17
22
Show this thread
Some of those encrypted by the ESXiArgs ransomware have had success recovering their data using this method:
enes.dev
However it is strongly advised that you read through the BC support topic as some have run into difficulties.
1
16
34
Show this thread
InstantCheckmate, TruthFinder confirm data breach affecting 20M customers -
2
31
39
🚨 This is a massive attack, and as it appears to be automated, all admins are advised to confirm their ESXi servers are firewalled, with no ports exposed to the Internet, until they are patched. 🚨
4
23
50
Show this thread
BleepingComputer has a dedicated support topic where people are reporting their experiences with this attack.
If you have new information or a copy of the malware, please let us know so researchers can analyze it for weaknesses.
1
10
25
Show this thread
The ransomware deployed in the attack is now tracked as ESXiArgs ransomware and it encrypts files with the .vmxf, .vmx, .vmsd, and .nvram extensions.
Victims have found ransom notes named "ransom.html" and "How to Restore Your Files.html" on encrypted systems.
2
15
26
Show this thread
To block incoming attacks, admins have to apply the latest security patches or disable the vulnerable Service Location Protocol (SLP) service on vulnerable ESXi hypervisors.
1
9
18
Show this thread
The attackers are targeting VMware ESXi servers unpatched against CVE-2021-21974, a vulnerability in the OpenSLP service that can be exploited by unauthenticated threat actors in low-complexity attacks.
1
11
22
Show this thread
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide -
9
260
381
Show this thread
Florida hospital takes IT systems offline after cyberattack -
4
46
65
GoAnywhere MFT zero-day vulnerability lets hackers breach servers -
1
17
20
Atlassian fixes critical bug giving access to Jira Service Management -
15
21
Train for certifications in CompTIA, Cisco, & more with this $30 course deal
12
7
Google ads push ‘virtualized’ malware made for antivirus evasion -
41
53
Microsoft 365 trial offer blocks access to Windows 10 desktops -
4
33
51
We feel that in this day and age, we want to do the right thing. If you are a UK charity, an NHS trust or a UK school, we have special plan for you where the first six month are on us.
Apply here sosintel.co.uk/free-six-month
1
7
17
Hackers weaponize Microsoft Visual Studio add-ins to push malware -
49
66
Microsoft: Scan for outdated Office versions respects your privacy -
4
10
20
Ditch the dead zones with 33% off this Wi-Fi signal booster
5
4
Former Ubiquiti dev pleads guilty to trying to extort his employer -
18
20
North Korean hackers stole research data in two-month-long breach -
15
22
Cisco fixes bug allowing backdoor persistence between reboots -
19
22
Ransomware attack on ION Group impacts derivatives trading market -
21
34
Become proficient in Microsoft Excel from home with this deal
3
10
New HeadCrab malware infects 1,200 Redis servers to mine Monero -
19
30
The LockBit ransomware gang is going 'Green' — unfortunately, not the environment-friendly way.
Instead, they launched a new 'LockBit Green' encryptor that is based on the leaked source code from the Conti Ransomware operation.
1
30
56
Over 1,800 Android phishing forms for sale on cybercrime market -
17
22
Google Fi data breach let hackers carry out SIM swap attacks -
3
61
89