CyberSecurityBoard
Sponsor Register Login

A Huge Number of People Have Been Affected by the ESXiArgs Ransomware Attack

European cybersecurity authorities are warning of a large-scale attack on a two-year-old VMWare ESXi vulnerability by ransomware actors. This campaign has been named ESXiArgs because the ransomware creates an additional file with the extension. Thousands of servers in Europe and North America have already been compromised, according to Censys searches. The vulnerability, assigned CVE-2021-21974, was patched in February 2021, but government agencies and cybersecurity experts are urging administrators to update unpatched servers immediately. The vulnerability was first discovered by Mikhail Klyuchnikov of Positive Technologies, a Russian cybersecurity firm. A proof-of-concept exploit has been available since May 2021, although it is not known if this is the same exploit being used in the ESXiArgs campaign. The vulnerability is being exploited to release ransomware, according to the Italys National Cybersecurity Agency. France's computer emergency response team also issued a bulletin about the campaign to warn of the ransomware attack. The updates should be installed immediately, and servers that have not been updated can be assumed to be hacked.

This Cyber News was published on therecord.media. Publication date: Mon, 06 Feb 2023 21:24:03 +0000


Cyber News related to A Huge Number of People Have Been Affected by the ESXiArgs Ransomware Attack

CVE-2024-26991 - In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes Fix KVM_SET_MEMORY_ATTRIBUTES to not overflow lpage_info array and trigger KASAN splat, as seen in the ...
6 months ago Tenable.com
Investigation of Possible Causes of ESXiArgs Ransomware Attacks Suggests VMware is Not at Fault - Edward Hawkins, the High-Profile Product Incident Response Manager at VMware, has denied allegations that two-year-old security flaws have been used in the current ESXiArgs ransomware attacks. Over the weekend, reports surfaced about cybercriminals ...
1 year ago Hackread.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Thousands of Young People Told Us Why the Kids Online Safety Act Will Be Harmful to Minors - How young people feel about the Kids Online Safety Act matters. These comments show that thoughtful young people are deeply concerned about the proposed law's fallout, and that many who would be affected think it will harm them, not help them. In ...
7 months ago Eff.org
No Proof of Unpatched Vulnerabilities Being Used in ESXiArgs Ransomware Assaults VMware - VMware has warned customers to take action as unpatched ESXi servers are being targeted by ESXiArgs ransomware attacks. Hackers are exploiting CVE-2021-21974, a high-severity ESXi remote code execution vulnerability related to OpenSLP that was ...
1 year ago Securityweek.com
CISA Provides Assistance to People Affected by ESXiArgs Ransomware - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has created a new tool to help those affected by ESXiArgs ransomware. This open-source tool, called SXiArgs-Recover, is designed to help victims recover their virtual machines that have ...
1 year ago Hackread.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
9 months ago Securityboulevard.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
9 months ago Unit42.paloaltonetworks.com
The Evolving Landscape of Ransomware Attacks - 1.7 million ransomware attacks are happening every day. Many people think the virus has locked their computer, but it is actually the ransomware that has locked all their files. As the name ransomware suggests they are after ransom. Stealing or ...
10 months ago Cyberdefensemagazine.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
11 months ago Bleepingcomputer.com
CISA Publishes Free Software to Help Restore Data Affected by ESXiArgs Ransomware - The US Cybersecurity and Infrastructure Security Agency (CISA) has created a free tool to help those affected by the ESXiArgs ransomware attacks. These attacks, first seen on February 3, exploit a high-severity vulnerability in VMware's ESXi ...
1 year ago Securityweek.com
Guidance on Recovering from ESXiArgs Ransomware Released by CISA and FBI - A ransomware campaign known as ESXiArgs is currently active and malicious actors may be taking advantage of known vulnerabilities in outdated or unpatched versions of VMware ESXi software to gain access to ESXi servers and deploy the ransomware. ...
1 year ago Us-cert.cisa.gov
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com
A Huge Number of People Have Been Affected by the ESXiArgs Ransomware Attack - European cybersecurity authorities are warning of a large-scale attack on a two-year-old VMWare ESXi vulnerability by ransomware actors. This campaign has been named ESXiArgs because the ransomware creates an additional file with the extension. ...
1 year ago Therecord.media
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
10 months ago Helpnetsecurity.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
11 months ago Therecord.media
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
9 months ago Bleepingcomputer.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
10 months ago Bleepingcomputer.com
Top 10 Notorious Ransomware Gangs of 2023 - By employing a multitude of advanced techniques like double extortion along with other illicit tactics, ransomware groups are continually evolving at a rapid pace. Here below, we have mentioned all the types of ransomware used by the threat actors ...
10 months ago Cybersecuritynews.com
The Week in Ransomware - Attacks on hospitals continued this week, with ransomware operations disrupting patient care as they force organization to respond to cyberattacks. While many, like LockBit, claim to have policies in place to avoid encryping hospitals, we continue to ...
9 months ago Bleepingcomputer.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
7 months ago Feeds.fortinet.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
7 months ago Bleepingcomputer.com
Best Ransomware Protection Practices for Midsize Organizations - Ransomware Protection has emerged as a crucial step in cybersecurity since ransomware attacks have become a major threat to businesses of all sizes, including midsize organizations. Ransomware attacks can be delivered via email attachments or links, ...
10 months ago Securityboulevard.com
Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware - The Cisco Talos Year in Review report released Tuesday highlights new trends in the cybersecurity threat landscape. We'll focus on three topics covered: the ransomware cybercriminal ecosystem, network infrastructure attacks and commodity loader ...
11 months ago Techrepublic.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
9 months ago Feeds.fortinet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)