April 4 Cyber News Roundup
LockBit, BlackCat, and Clop. Since 2022, LockBit and BlackCat consistently ranked among the ransomware-as-a-software (RaaS) providers with the most detections.
LockBit, which was behind 25% of all ransomware leaks in 2023, has undergone multiple iterations in an effort to remain a prominent RaaS provider
Our telemetry showed that over the third and fourth quarters of 2023, we detected and blocked a total of 7,472,013 ransomware threats across email, URL, and file layers — a 11.6% rise in overall ransomware threat detections compared to that in the first six months of the year, which had 6,697,853 total detections.
?
Red Hat on Friday warned that a malicious backdoor found in the widely used data compression software library xz may be present in instances of Fedora Linux 40 and the Fedora Rawhide developer distribution.
The IT giant said the malicious code, which appears to provide remote backdoor access via OpenSSH and systemd at least, is present in xz 5.6.0 and 5.6.1. The vulnerability has been designated CVE-2024-3094. It is rated 10 out of 10 in CVSS severity.
?
A new ransomware variant is targeting VMware ESXi servers, a popular virtualization platform used by hosting providers worldwide.? Dubbed “SEXi” by its creators, this ransomware has already made significant waves, with Powerhost’s CEO revealing a staggering ransom demand of approximately 140 million dollars.? The attack on VMware ESXi servers marks a concerning trend for businesses relying on virtualized environments.? This lack of clarity underscores the sophisticated nature of the SEXi ransomware and the challenges faced in protecting complex network infrastructures.