Surge in VMware ESXi Server Attacks
In recent weeks, a significant surge in attacks targeting VMware ESXi servers has raised alarms across the cybersecurity industry. These attacks have exploited a critical authentication bypass vulnerability, known as CVE-2024-37085, which lets attackers gain full administrative access to ESXi hypervisors when joined to Active Directory domains. This flaw has been a gateway for multiple ransomware groups, including Storm-0506, Storm-1175, Octo Tempest, and Manatee Tempest, which have leveraged it to deploy notorious ransomware variants such as Akira and Black Basta.
Exclusive Access: Unlock Premium, Confidential Insights
Unlock This Exclusive Content—Subscribe Instantly!
Login if you have purchased
