New Ransomware Variant “Eldorado” Unleashed, Focused on VMware ESXi Systems

A new ransomware-as-a-service called Eldorado has been targeting Windows and VMware ESXi environments in the US since March, primarily in the education, real estate, and healthcare sectors. Eldorado, which first appeared on the RAMP forum, offers an affiliate program for partners to customize their attacks, taking advantage of Go programs for cross-platform functionality and encryption …

SecurityWeek: VMware addresses critical vulnerabilities allowing sandbox escape in ESXi

VMware has recently addressed critical vulnerabilities in its ESXi virtualization platform that could allow attackers to escape from the sandboxed environment. These vulnerabilities were highlighted during Safety Week, a global initiative focused on raising awareness about the importance of cybersecurity. VMware acted promptly to release patches for these vulnerabilities, ensuring that users can continue to …

VMware ESXi and Windows Infected by Eldorado Ransomware, Reports Spiceworks

A cybersecurity research team has identified a new ransomware called Eldorado that is targeting organizations globally. This ransomware is operated as Ransomware-as-a-Service (RaaS), allowing for decentralized deployment and a wider range of malware variants. The Eldorado ransomware encrypts files using the ChaCha20 algorithm and employs the RSA-OAEP scheme for key encryption. RaaS enables customers to …

New Eldorado ransomware now targeting Windows and VMware ESXi VMs

In March, a new ransomware called Eldorado, operating as a service (RaaS), has targeted victims in the United States across various sectors such as real estate, education, healthcare, and manufacturing. The cybercriminals behind Eldorado have been actively promoting their service on RAMP forums and seeking partners to join their program. Eldorado is a unique ransomware …

New Eldorado ransomware now seeking out Windows and VMware ESXi virtual machines

In March, a new ransomware called Eldorado emerged, targeting victims in the US across various industries. The cybercriminals behind Eldorado are actively promoting their malicious service on forums and seeking partners to join their program. The ransomware can encrypt both Windows and Linux systems using different variants and unique encryption algorithms. It also deletes shadow …

Hackers Utilize Linux Rootkits to Conceal Themselves on VMware ESXi Virtual Machines in UNC3886

In a recent cybersecurity threat, hackers identified as UNC3886 have been using Linux rootkits to conceal their presence on VMware ESXi virtual machines (VMs). This method allows the hackers to remain undetected while gaining unauthorized access to sensitive information. Rootkits are a type of malware that hide their presence within a system, making it difficult …

Attackers can bypass authentication on VMware ESXi due to vulnerability

VMware has disclosed three critical vulnerabilities in its ESXi hypervisor that could allow attackers to bypass authentication mechanisms. These vulnerabilities, identified as CVE-2024-37085, CVE-2024-37086, and CVE-2024-37087, pose significant risks to organizations utilizing VMware ESXi in their virtualized environments. The vulnerabilities impact the authentication processes within VMware ESXi, potentially enabling unauthorized access to the system. CVE-2024-37085 …