New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

I’ve been getting notifications from vulnerability evaluation vendors as well as customers about this threat. Its a real threat for those using VMware and should be taken seriously. A summary is for the following …

“These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021,” the Computer Emergency Response Team (CERT) of France¬†said¬†in an advisory on Friday.

Later this updated was posted …

OVHcloud, over the weekend, confirmed that the ransomware attacks leveraged a vulnerability in OpenSLP as an initial compromise vector. The company, however, said it cannot confirm if it entailed the abuse of CVE-2021-21974 at this stage. It also backtracked on initial findings that suggested a plausible link to Nevada ransomware.

See details on this threat via thehackernews post found HERE.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.