all InfoSec news
ESXiArgs encryption malware launches massive attacks against VMware ESXi servers
DEV Community dev.to
Hosting providers and CERT-FR warn: A new ransomware named ESXiArgs has compromised more than 3,200 VMware ESXi servers in a recent massive hacking campaign. The attackers are exploiting a two-year-old vulnerability (CVE-2021-21974) in OpenSLP (port 427) that allows them to execute remote commands on the vulnerable servers. The vulnerability is related to a dynamic memory overflow in OpenSLP that can be exploited by unauthenticated attackers. This vulnerability affects ESXi version 7.x, ESXi version 6.7.x, and ESXi version 6.5.x. …
attackers attacks campaign cert compromised cve cve-2021-21974 dynamic encryption esxi esxiargs exploited exploiting hacking hacking campaign hosting malware memory old overflow ovh port ransomware security servers version vmware vmware esxi vmware esxi servers vulnerability vulnerable