Alerts | Guyana National CIRT

AL2023_13 VMware ESXi servers worldwide targeted by ransomware (8th February 2023)

The French Computer Incident Response team (CERT-FR) issued a warning that attackers are actively targeting unpatched VMware ESXi servers to deploy a new ESXiArgs ransomware.

Read more about AL2023_13 VMware ESXi servers worldwide targeted by ransomware (8th February 2023)

AL2023_12 New ransomware advertised on the Dark Web (6th February 2023)

Researchers at Resecurity have identified a relatively new ransomware-as-a-service (RaaS) family called ‘Nevada ransomware’.

Read more about AL2023_12 New ransomware advertised on the Dark Web (6th February 2023)

AL2023_11 New Golang-based info stealer malware emerges (1st February 2023)

A new Golang-based information stealer malware called Titan Stealer was seen being showcased by a threat actor through their Telegram.

Read more about AL2023_11 New Golang-based info stealer malware emerges (1st February 2023)

AL2023_10 Windows CryptoAPI spoofing bug exploit released (1st February 2023)

Researchers have released proof of concept exploit code for a critical Windows CryptoAPI vulnerability which allows MD5-collision certificate spoofing.

Read more about AL2023_10 Windows CryptoAPI spoofing bug exploit released (1st February 2023)

AL2023_09 New Python-based malware campaign targets Windows (1st February 2023)

Stealthy Python-based malware that features remote access trojan (RAT) capabilities targeting Windows devices.

Read more about AL2023_09 New Python-based malware campaign targets Windows (1st February 2023)