A new double-extortion ransomware variant, Cicada3301, targets VMware ESXi servers by brute-forcing credentials, encrypting data using the ChaCha20 cipher, then using ScreenConnect for remote access, with a method similar to ALPHV/BlackCat, affecting industries like healthcare and manufacturing across North America and England, while Truesec and Morphisec have identified links to the Brutus botnet and previous ransomware groups.
Give a Pawfive to this post!
Share with your friends and followers
Start writing about what excites you in tech — connect with developers, grow your voice, and get rewarded.
Join other developers and claim your FAUN.dev() account now!
