IT and Business Insights for SMB Solution Providers

VMware ESXi have come under attack

By Jay Ferron

 Patch your VMware ESXi 

Servers running the popular
virtualization hypervisor VMware ESXi have come under attack from at least one
ransomware group over the past week, likely following scanning activity to
identify hosts with Open Service Location Protocol (OpenSLP) vulnerabilities.

Specifically, threat actors have
been taking advantage of unpatched systems vulnerable to CVE-2020-3992 and CVE-2021-21974 that, when
exploited, can allow remote code execution.

Of the incidents observed thus
far, a ransomware-as-a-service (RaaS) group known as Nevada, appears to
be responsible ― although their ransom note shares many similarities with
Cheerscrypt, a ransomware threat that targeted ESXi in early- to mid-2022.

Images

Tags: 
My Information Resource

About the Author

Jay Ferron's picture
Jay Ferron

Related Features

North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media
June 6th, 2023
Wi-Fi Could Help Identify When You’re Struggling to Breathe
December 20th, 2022
CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 
August 3rd, 2023
Learn AI with GitHub Copilot
May 16th, 2023
New NIST Public Working Group on AI
June 22nd, 2023
ChannelPro SMB Magazine
SUBSCRIBE FREE!

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.