Ransomware Operators Exploit Novel ESXi Vulnerability for Attacks

Summary

Microsoft researchers have uncovered a vulnerability in VMware ESXi hypervisors being exploited by several ransomware operators to obtain full administrative permissions on affected systems. Ransomware groups like Storm-0506, Storm-1175, Octo Tempest, and Manatee Tempest have exploited this flaw, designated CVE-2024-37085, deploying ransomware such as Akira and Black Basta. The issue was disclosed to VMware, which released a security update. RH-ISAC Members who utilize VMware products in…
