CIO News Hubb

New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

by admin
February 5, 2023
in Information Security


Feb 04, 2023Ravie LakshmananEnterprise Security / Ransomware

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems.

“These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021,” the Computer Emergency Response Team (CERT) of France said in an advisory on Friday.

VMware, in its own alert released at the time, described the issue as an OpenSLP heap-overflow vulnerability that could lead to the execution of arbitrary code.

“A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution,” the virtualization services provider noted.

French cloud services provider OVHcloud said the attacks are being detected globally, with a specific focus on Europe. The intrusions are suspected to be related to a new Rust-based ransomware strain called Nevada, which emerged in December 2022.

Other ransomware families that are known to have embraced Rust in recent months include BlackCat, Hive, Luna, Nokoyawa, RansomExx, and Agenda.

“The actors are inviting both Russian- and English-speaking affiliates to collaborate with a big number of Initial Access Brokers (IABs) in [the] dark web,” Resecurity said last month.

“Notably, the group behind the Nevada Ransomware is also buying compromised access by themselves, the group has a dedicated team for post-exploitation, and for conducting network intrusions into the targets of interest.”


However, Bleeping Computer reports that the ransom notes seen in the attacks bear no similarities to Nevada ransomware, adding that the strain is being tracked under the name ESXiArgs.

Users are advised to upgrade to the latest version of ESXi to mitigate potential threats, and to restrict access to the OpenSLP service to trusted IP addresses.
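One way to check the second recommendation across a fleet, as an added example that is not part of the original article or VMware's advisory: the script audits text collected from `esxcli network firewall ruleset list` and `esxcli network firewall ruleset allowedip list` and reports whether the OpenSLP ruleset is enabled for sources outside a trusted range. The ruleset name `CIMSLP`, the two-column output layout, the sample tables and the `TRUSTED` subnet are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample input, modelled on the two-column tables printed by the
# esxcli "ruleset list" and "ruleset allowedip list" commands (layout assumed).
RULESET_LIST = """\
Name       Enabled
---------  -------
sshServer     true
CIMSLP        true
"""
ALLOWED_IP_LIST = """\
Ruleset    Allowed IP Addresses
---------  --------------------
sshServer  All
CIMSLP     10.20.0.5, 10.20.1.0/24, 0.0.0.0/0
"""
TRUSTED = [ipaddress.ip_network("10.20.0.0/24")]  # hypothetical management subnet


def parse_table(text):
    """Return {first column: rest of row} for a two-column esxcli table."""
    rows = {}
    for line in text.splitlines()[2:]:  # skip the header and the dashed rule
        parts = line.split(None, 1)
        if len(parts) == 2:
            rows[parts[0]] = parts[1].strip()
    return rows


def audit_slp(ruleset_text, allowed_text, trusted, ruleset="CIMSLP"):
    """Return findings; an empty list means SLP is disabled or restricted."""
    enabled = parse_table(ruleset_text).get(ruleset, "false").lower() == "true"
    if not enabled:
        return []
    allowed = parse_table(allowed_text).get(ruleset, "All")  # no row: assume open
    if allowed.lower() == "all":
        return [f"{ruleset} enabled and open to all source addresses"]
    findings = []
    for entry in (e.strip() for e in allowed.split(",") if e.strip()):
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            findings.append(f"{ruleset} allows unparseable entry {entry!r}")
            continue
        if not any(net.version == t.version and net.subnet_of(t) for t in trusted):
            findings.append(f"{ruleset} allows untrusted source {net}")
    return findings


if __name__ == "__main__":
    print("\n".join(audit_slp(RULESET_LIST, ALLOWED_IP_LIST, TRUSTED)))
```

A host that reports no findings either has the ruleset disabled or accepts SLP traffic only from addresses inside the trusted ranges.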

© CIO News Hubb All rights reserved.
