Broadcom who recently bought VMware has started to send cease and desist letters to customers who are running perpetual licenses of VMware without an active support contract. If you want to see what one of these looks like, here is an example. In short, this is more of a shakedown letter that says that users may continue to use their perpetual licenses. However, they can no longer purchase support unless they had prior contractual agreements to do so. Support is now only offered through subscription models. This sometimes leads to cost increases of 300 percent or more from what I have heard. But more importantly it forces customers to roll back security updates if they choose not to pay Broadcom and thus leaving them open to old vulnerabilities that ransomware gangs may start exploiting.
In a blog post published today, Comparitech analyzed this new policy. The analysis looks at what happened, the security ramifications, the impact to VMware customers, and what companies can do to protect themselves against ransomware threats.
For full details, please see the full analysis here. But if you want my advice, I would look for an alternative to Broadcom’s products. I say that because even with a supposedly free product like VMware Fusion, I can no longer check for updates. Instead, I have to log in using my Broadcom account to download and reinstall the entire application to get a security update. This has been noted on Broadcom’s own forums. While that is a first world problem of sorts, it means that I am less likely to get security updates in a timely fashion. That I find to be unacceptable because companies shouldn’t do things like this that impact the security of their customers in a negative way.
Qilin Ransomware gang says it hacked the Sheriff of Hamilton County, TN
Posted in Commentary with tags Hacked on May 9, 2025 by itnerdRansomware gang Qilin this week claimed responsibility for an April 14, 2025 cyber-attack on the Hamilton County Sheriff’s Office in Chattanooga, TN. The office on May 2 acknowledged a ransomware attack, saying the hackers demanded $300,000 in ransom. The sheriff says HCSO did not pay the ransom, but did pay $48,000 to Vendetta, a third-party cybersecurity firm.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“Qilin is a ransomware gang that started claiming responsibility for attacks on its website in late 2022. Also known as Agenda, Qilin is a Russia-based hacking group that mainly targets victims through phishing emails to spread its ransomware. It launched in August 2022 and runs a ransomware-as-a-service business in which affiliates pay to use Qilin’s malware to launch attacks and collect ransoms. Qilin made another 171 unconfirmed attack claims that haven’t been acknowledged by the targeted organizations. Three of those allegedly hit government organizations.”
“Ransomware attacks on US government agencies and departments can both steal data and lock down computer systems. The attacker then demands a ransom to delete the stolen data and in exchange for a key to recover infected systems. If the target doesn’t pay, it could take weeks or even months to restore systems, data could be lost forever, and people whose data was stolen are put at greater risk of fraud. According to our data, it takes an average of 19.5 days for government organizations to recover from ransomware attacks.”
This gang appears to be on a roll as I have been writing a fair amount about them recently. That’s not good for all of us as that will embolden them to launch increased and more devastating attacks on organizations.
Leave a comment »