RansomEXX

Publication date: Fri, 08 Dec 2023 19:52:20 +0000

Ransomware gangs join ongoing SAP NetWeaver attacks - Forescout Vedere Labs security researchers have also linked these ongoing attacks to a Chinese threat actor they track as Chaya_004, while EclecticIQ reported on Tuesday that three other Chinese APTs (i.e., UNC5221, UNC5174, and CL-STA-0048) are also ...
7 months ago Bleepingcomputer.com CVE-2025-31324 BianLian RansomEXX

RansomEXX - ...
2 years ago

Exploiting a VMware Vulnerability to Launch Ransomware Attacks on ESXi Servers - Recently, cybercriminals have been targeting VMware ESXi hypervisors with ransomware attacks. These attacks are believed to be exploiting CVE-2021-21974, which had a patch released on February 23, 2021. VMware's alert stated that the vulnerability ...
2 years ago Thehackernews.com CVE-2021-21974 RansomEXX

A type of malicious software called Royal Ransomware designed for Linux systems is attacking VMware ESXi servers - The latest ransomware operation to target Linux devices is Royal Ransomware. It is specifically designed to encrypt VMware ESXi virtual machines. Other ransomware gangs, such as Black Basta, LockBit, BlackMatter, AvosLocker, REvil, HelloKitty, ...
2 years ago Bleepingcomputer.com LockBit RansomEXX Black Basta

Microsoft fixes Windows zero-day exploited in QakBot malware attacks - Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems. Tracked as CVE-2024-30051, this privilege escalation bug is caused by a heap-based buffer overflow in the ...
1 year ago Bleepingcomputer.com CVE-2024-30051 CVE-2023-36033 RansomEXX Black Basta

Microsoft: Windows CLFS zero-day exploited by ransomware gang - Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. This ransomware gang has also targeted high-profile organizations, ...
8 months ago Bleepingcomputer.com CVE-2025-29824 RansomEXX

Microsoft: Zero-day bug used in ransomware attacks on US real estate firms | The Record from Recorded Future News - Microsoft did not provide more information on the hackers behind the campaign, only referring to the threat actors as “Storm-2460.” CVE-2025-29824 was the only Patch Tuesday bug from Microsoft added to the Cybersecurity and Infrastructure ...
8 months ago Therecord.media CVE-2025-29824 RansomEXX

Play ransomware exploited Windows logging flaw in zero-day attacks - Previous notable Play ransomware victims include cloud computing company Rackspace, car retailer giant Arnold Clark, the City of Oakland in California, Dallas County, the Belgian city of Antwerp, and, more recently, American semiconductor supplier ...
7 months ago Bleepingcomputer.com CVE-2025-29824 RansomEXX