August 1, 2024 at 09:18AM Around 20,000 unpatched VMware ESXi servers, vulnerable to CVE-2024-37085 (CVSS 6.8), are accessible on the internet. It allows threat actors full access, with ransomware groups like Storm-0506 and Octo Tempest exploiting it. The flaw enables administrative control over hypervisors, risking file encryption, VM access, and lateral movement within networks. Urgent … Read more
July 30, 2024 at 04:12PM Ransomware groups are exploiting an authentication bypass bug (CVE-2024-37085) in VMware ESXi, giving them significant access and enabling rapid malware deployment. Broadcom has issued a fix. ESXi hypervisors inadvertently grant full administrative access to any AD domain group called “ESX Admins.” Hackers find hypervisors alluring due to their complexity and … Read more
July 30, 2024 at 03:57PM CISA orders U.S. FCEB agencies to secure servers against VMware ESXi vulnerability exploited in ransomware attacks. VMware fixed flaw CVE-2024-37085, allowing attackers to gain admin privileges. Ransomware gangs exploit this to steal data, move laterally, and encrypt ESXi. Agencies have 3 weeks to secure systems under directive BOD 22-01. CISA … Read more
July 30, 2024 at 02:12AM VMware ESXi hypervisors have been targeted by ransomware groups exploiting a recently patched security flaw, CVE-2024-37085, to gain elevated permissions and deploy file-encrypting malware. The flaw allows unauthorized administrative access, with attacks observed by various ransomware operators. Organizations are advised to update software, enforce two-factor authentication, and prioritize asset protection … Read more
July 29, 2024 at 02:48PM Ransomware groups are exploiting a critical vulnerability (CVE-2024-37085) in VMware ESXi hypervisors to gain full administrative access on domain-joined systems. Microsoft warns that known cybercriminal groups have already exploited this flaw to deploy ransomware. The issue was not initially recognized as being exploited in the wild when VMware released patches. … Read more
July 29, 2024 at 01:12PM Microsoft alerted of ransomware gangs exploiting VMware ESXi authentication bypass vulnerability, allowing attackers to gain full admin privileges. This flaw, CVE-2024-37085, was discovered by Microsoft researchers and patched in ESXi 8.0 U3 last month. The vulnerability has been exploited in ransomware attacks by various groups, leading to data theft and … Read more