CISA warns of VMware ESXi bug exploited in ransomware attacks
July 30, 2024 at 03:57PM CISA orders U.S. FCEB agencies to secure servers against VMware ESXi vulnerability exploited in ransomware attacks. VMware fixed flaw CVE-2024-37085, allowing attackers to gain admin privileges. Ransomware gangs exploit this to steal data, move laterally, and encrypt ESXi. Agencies have 3 weeks to secure systems under directive BOD 22-01. CISA … Read more