VMware Issues Warning While CISA Releases Script to Recover Encrypted ESXi Servers
Florida Supreme Court and universities hit in ransomware wave, Biden pitches for federal privacy law in SOTU, UK MP breached by Russian spy group, Ryuk actor pleads guilty, much more
Check out my latest CSO column, which looks at an alarming surge in swatting attacks on corporate leaders made possible by data brokers and repositories of breached data.
VMware warned customers to install the latest security updates and disable the OpenSLP service targeted in a large-scale campaign of ransomware attacks against Internet-exposed and vulnerable ESXi servers.
VMware's warning comes after unknown threat actors started encrypting VMware ESXi servers unpatched against an OpenSLP security flaw (CVE-2021-21974) that unauthenticated threat actors can exploit to gain remote code execution in low-complexity attacks. Known as ESXiArgs ransomware, this malware has been deployed as part of a massive wave of ongoing attacks that has already impacted thousands of vulnerable targets worldwide (over 2,400 servers, according to current data from Censys).
ID Ransomware's Michael Gillespie analyzed a copy of the ESXiArgs encryptor and told BleepingCo…