VMWare Gives Warning of Two Critical Flaws

VMware, managed by Broadcom, has identified two critical security flaws in its vCenter Server software, which is crucial for managing virtual machines and hosts in its Cloud Foundation and vSphere suites. These flaws, CVE-2024-37079 and CVE-2024-37080, have been rated 9.8 out of 10 in severity.

Over 500 Organizations Hit By Ransomware

Identified in April of 2022, the organization known as Black Basta has hit more than 500 organizations globally, according to warnings put out by multiple United States government departments, including CISA and the FBI. The group operates under a Ransomware-as-a-Service (RaaS) business model and works with affiliates to conduct cyberattacks and deploy malware against victim organizations while taking a percentage of the ransom payment in exchange.

Ransomware Attack Costs Change Healthcare Nearly $1B

United Healthcare, the parent company of Change Healthcare, has released financial information about the recent ransomware attack that disrupted cashflow and the ability to provide care to hospitals and pharmacies across the United States. The company published their quarterly earning results in which they disclosed that repairs are likely to exceed $1 billion over time, including the $22 million ransom payment that was made.

WordPress Website Admins Urged to Delete Plugin

Admins who utilize the Malware Scanner and Web Application Firewall plugin from miniOrange on their WordPress are being told to remove the plugins after a critical security flaw was discovered. The flaw, being tracked as CVE-2024-2172, has been rated a 9.8 out of 10 for severity and affects the Malware Scanner versions up to 4.7.2 and Web Application Firewall versions up to 2.1.1.