vmware (2)

Our friends at the State of NJ, NJCCIC, have provided a valuable alert - Vulnerable VMware ESXi Servers Targeted in Ransomware Attacks.

Ransomware groups are actively exploiting a 2-year-old heap-overflow vulnerability, CVE-2021-21974 (CVSS v3.1 8.8), affecting OpenSLP used in VMware ESXi servers for versions 6.x and prior to 6.7, though threat actors may be leveraging other vulnerabilities or attack vectors, as earlier builds of ESXi appear to have also been compromised.  European cybersecurity

Recent reporting by CrowdStrike indicates that two productive cybercrime threat groups, Carbon Spider (CS) and Sprite Spider (SS), are spreading hate and discontent against VMware’s ESXi.

ESXi is a Type-1 hypervisor (also known as a “bare-metal” hypervisor) developed by VMware.  A hypervisor is software that runs and manages virtual machines (VMs).  In contrast to Type-2 hypervisors that run on a conventional host operating system, a Type-1 hypervisor runs directly on a dedicated host’s hardware.