IT and Business Insights for SMB Solution Providers

VMware ESXi have come under attack

 Patch your VMware ESXi 

Servers running the popular
virtualization hypervisor VMware ESXi have come under attack from at least one
ransomware group over the past week, likely following scanning activity to
identify hosts with Open Service Location Protocol (OpenSLP) vulnerabilities.

Specifically, threat actors have
been taking advantage of unpatched systems vulnerable to CVE-2020-3992 and CVE-2021-21974 that, when
exploited, can allow remote code execution.

Of the incidents observed thus
far, a ransomware-as-a-service (RaaS) group known as Nevada, appears to
be responsible ― although their ransom note shares many similarities with
Cheerscrypt, a ransomware threat that targeted ESXi in early- to mid-2022.

About the Author

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.