The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack
Ransomware attacks targeting VMware ESXi and other virtual machine platforms are wreaking havoc among the enterprise, causing widespread disruption and loss of services. [...]
Outages can disrupt security tools and critical services, showing how failures in infrastructure, vendors, or recovery plans affect cyber resilience.
Search across headline titles and summaries.
Background for this topic.
Outage is a period when a system, network, application, or online service is unavailable or cannot perform its intended function. It may be planned maintenance or an unplanned disruption caused by equipment or software failure, misconfiguration, a dependency problem, natural hazards, or a denial-of-service attack. The tag generally concerns availability incidents, not every performance issue or security breach.
For security practitioners, an outage requires determining whether malicious activity contributed to the disruption while preserving relevant logs, network telemetry, and system state for investigation. Defenses include capacity planning, segmented and redundant architecture, tested failover and recovery procedures, and controls that limit the effect of DDoS traffic or compromised dependencies. Emergency changes made during recovery should be authorized and recorded, since they can create new vulnerabilities or affect data integrity. Clear incident ownership and communications help coordinate technical response without obscuring the cause or scope.
Ransomware attacks targeting VMware ESXi and other virtual machine platforms are wreaking havoc among the enterprise, causing widespread disruption and loss of services. [...]
Company Makes Progress Restoring IT Services, But Disruption LingersAs recovery from its Feb. 21 cyberattack continues, Change Healthcare and its parent company UnitedHealth Group are facing a growing pile of lawsuits, while health sector entities affected by the IT services disruption are dealing with a mounting stack of bills and other paperwork to catch up on.
The restaurant chain hasn't provided any information regarding what led to a widespread IT outage, and customers and employees are asking for answers.
Chance of AI-Generated Content Affecting Results Appears to Remain Low - for NowChina-backed attackers are continuing to refine their use of content generated using artificial intelligence tools, including audio deepfakes and video news anchors, to sow disruption and influence elections in the U.S., Taiwan, India and beyond, security researchers at Microsoft warn.
Panera Bread's recent week-long outage was caused by a ransomware attack, according to people familiar with the matter and emails seen by BleepingComputer. [...]
Initial access brokers are using the new downloader malware, which emerged just after QBot's 2023 disruption.
Hoya Corporation, one of the largest global manufacturers of optical products, says a "system failure" caused servers at some of its production plants and business divisions to go offline on Saturday. [...]
Omni Hotels & Resorts has confirmed a cyberattack caused a nationwide IT outage that is still affecting its locations. [...]
As WhatsApp, Facebook Messenger, and more fall offline today Luxury resort chain Omni Hotels & Resorts has had its computer systems knocked offline since Friday in what it has described as a "disruption," though sounds a lot like the MGM Resorts ransomware infection over the summer.…
Guests affected by the companywide disruption vented their frustrations on social media.
Missouri County Blames Ransomware for IT Outages; Special Election Not DisruptedThe Missouri county of Jackson has declared a state of emergency after being hit by ransomware on the day of a special election. Officials said attackers didn't appear to have stolen any data and that as a cybersecurity measure, the county doesn't store any residents' sensitive financial data.
Our new article provides key highlights and takeaways from Operation Cronos' disruption of LockBit's operations, as well as telemetry details on how LockBit actors operated post-disruption.
Omni Hotels & Resorts has been experiencing a chain-wide outage that brought down its IT systems on Friday, impacting reservation, hotel room door lock, and point-of-sale (POS) systems. [...]
Ransomware groups tore into manufacturing other parts of the OT sector in 2023, and a few attacks caused eight- and nine-figure damages. But worse is yet to come in 2024.