Security News > 2023 > February

Microsoft will soon add native controls to Windows 11 for controlling the RGB lighting on computer peripherals, like mice and gaming keyboards. The new RGB lighting controls are currently in development as a hidden feature of Windows 11 build 25295 in the Windows Insider developer channel.

After the U.S. Cybersecurity and Infrastructure Security Agency released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The threat actors "realized that researchers were tracking their payments, and they may have even known before they released the ransomware that the encryption process in the original variant was relatively easy to circumvent," Censys said in a write-up.

Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities as bait to install information-stealing malware on compromised hosts. The attackers "use several highly obfuscated and under-development custom loaders in order to infect those involved in the cryptocurrency industry with Enigma stealer," Trend Micro researchers Aliakbar Zahravi and Peter Girnus said in a report this week.

The U.S. Cybersecurity and Infrastructure Security Agency on Friday added three flaws to its Known Exploited Vulnerabilities catalog, citing evidence of active abuse in the wild. Details about the flaw were disclosed by Ethiopian cyber security research firm Octagon Networks in March 2022.

Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December. According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical, the security breach happened around December 1, 2022.

From ongoing attacks targeting ESXi servers to sanctions on Conti/TrickBot members, it has been quite a busy week regarding ransomware. The worldwide ESXiArgs ransomware attacks continued to plague VMware ESXi servers over the weekend and into the week.

With the collapse of bankrupt crypto exchange FTX still sending shivers through the industry and fueling consumer mistrust, an Israeli multi-billion-dollar startup is making its "uncheatable" blockchain transaction technology available for mass adoption in hopes of preventing the next fraud scandal. Netanya-based StarkWare, which is valued at $8 billion, is the developer of a technology that compresses and speeds up blockchain transactions.

The City of Oakland was hit by a ransomware attack on Wednesday night that forced it to take all systems offline until the network is secured and affected services are brought back online. The attack has not affected core services, with the City saying that 911 dispatch and fire and emergency resources are all working as expected.

The California-based networking hardware manufacturer 'A10 Networks' has confirmed to BleepingComputer that the Play ransomware gang briefly gained access to its IT infrastructure and compromised data. A10 Networks specializes in the manufacturing of software and hardware application delivery controllers, identity management solutions, and bandwidth management appliances, while it also offers firewall and DDoS threat intelligence and mitigation services.

This subgroup, which is called Conti Team 1, released the Zion ransomware before rebranding it as Royal ransomware. Royal spread so fast that it became the ransomware claiming the largest number of victims in November 2022, taking the lead ahead of the LockBit ransomware.