ESXiArgs encryption malware launches massive attacks against VMware ESXi servers | allinfosecnews.com

Feb. 6, 2023, 1:07 p.m. | Ruslan Kh.

DEV Community dev.to

Hosting providers and CERT-FR warn: A new ransomware named ESXiArgs has compromised more than 3,200 VMware ESXi servers in a recent massive hacking campaign. The attackers are exploiting a two-year-old vulnerability (CVE-2021-21974) in OpenSLP (port 427) that allows them to execute remote commands on the vulnerable servers. The vulnerability is related to a dynamic memory overflow in OpenSLP that can be exploited by unauthenticated attackers. This vulnerability affects ESXi version 7.x, ESXi version 6.7.x, and ESXi version 6.5.x. …

attackers attacks campaign cert compromised cve cve-2021-21974 dynamic encryption esxi esxiargs exploited exploiting hacking hacking campaign hosting malware memory old overflow ovh port ransomware security servers version vmware vmware esxi vmware esxi servers vulnerability vulnerable

More from dev.to / DEV Community

Exploring Supply Chain and Cybersecurity Innovations in Full Stack Coding: An Insider's Take 8 minutes ago | dev.to

businesses coding cybersecurity digital +14

How to import all AWS profiles from AWS LandingZone an hour ago | dev.to

account accounts aws beginners +12

What is Container Scanning? 3 hours ago | dev.to

adversaries application application development applications +21

We just raised our $17 million Series A 3 hours ago | dev.to

big board capital connect +9

Answer: ImportError: No module named xgboost 4 hours ago | dev.to

check control download environment +7

Zen of debugging: 5 tips for beginners 4 hours ago | dev.to

article beginners best practices career +17

Enhancing security for Lambda function URLs 6 hours ago | dev.to

access access control aws cloudfront +14

Linux Basics: A Clear Guide to Getting Started 7 hours ago | dev.to

basics can clear cloud +14

Exploring the Power of Zero Trust Authentication 7 hours ago | dev.to

authentication beacon chaos cyber +18

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati

View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478

View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts

View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom

View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA

View on infosec-jobs.com