
New wave of ransomware targets IT infrastructures

Cyber security on alert: new risks for virtualized infrastructures

MRAGENT is a new ransomware targeting VMware ESXi servers, operated by the RansomHouse cyber gang. These attacks threaten the security of corporate data and require protective measures such as backups and software updates.


The cybersecurity landscape is constantly grappling with new attack tools, and a new threat has recently emerged that affects critical virtualized infrastructures. A new malicious tool, known as MRAGENT, appears to specifically target VMware ESXi servers, a world-leading hypervisor platform used to optimize IT resources and provide greater flexibility. This new type of ransomware was identified by research groups specialized in cybersecurity, who found the tool worryingly easy to use, which significantly increases the risk of attacks even by inexperienced operators.

RansomHouse: new cybercriminal organization

MRAGENT has been linked to RansomHouse, an emerging criminal organization in the ransomware industry. This collective has gained attention for its activity, highlighted by in-depth technical analyses and detailed reports that signal its presence online. While some cyberattack organizations operate with a ransomware-as-a-service (RaaS) model, RansomHouse appears to adopt a more focused and controlled strategy in deploying its malicious assets, actively selecting targets and directly managing attacks.

Consequences for businesses: data integrity at risk

VMware ESXi servers manage a considerable volume of virtual machines (VMs) and data critical to daily business operations. A successful attack generated through MRAGENT could therefore have devastating consequences, putting the data integrity and operational continuity of the affected companies at risk. Compromising virtual infrastructure entails not only potentially huge financial losses but also significant reputational damage and could impact compliance with data privacy regulations, such as the General Data Protection Regulation (GDPR) in the European Union.

Mitigation and protection strategies

Faced with the escalation of such sophisticated threats, it is critical that organizations adopt proactive risk mitigation and system protection strategies. Performing regular, offline backups, segmenting the network, constantly updating systems and training staff on cybersecurity best practices are key measures to safeguard digital assets. Additionally, continuous monitoring of networks for signs of suspicious activity and rapid incident response are critical elements in the defense strategy against ransomware and other types of malware.


02/16/2024 10:14

Editorial AI
