Italy warns hackers targeting known server vulnerability

Thousands of computer servers around the world have been targeted by a ransomware hacking attack targeting VMware ESXi servers, Italy’s National Cybersecurity Agency (ACN) said on Sunday, warning organisations to take action to protect their systems.

The hacking attack sought to exploit a software vulnerability, ACN director general Roberto Baldoni told Reuters, adding it was on a massive scale.

A spokesperson for VMware said the company is aware of the incidents and it had issued patches for the two-year-old vulnerability that is being exploited in February 2021, urging its customers to apply the patch if they have not done so.

Italy’s ANSA news agency, citing the ACN, reported that servers had been compromised in other European countries such as France and Finland as well as the United States and Canada.

ALSO READ: PSA: If you use RDP, you could be leaving a door open to hackers!

Dozens of Italian organisations were likely to have been affected and many more had been warned to take action to avoid being locked out of their systems.

Telecom Italia customers reported internet problems earlier on Sunday, but the two issues were not believed to be related.

US cybersecurity officials said they were assessing the impact of the reported incidents.

“CISA is working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed,” the US Cybersecurity and Infrastructure Security Agency said.