* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Friday, July 11, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Immersive sports and entertainment venue Cosm set to build its 5th location in Cleveland – WKYC

    Cosm Reveals Exciting Vision for Its 5th Immersive Sports and Entertainment Venue in Cleveland

    Monumental Sports & Entertainment’s Samantha Brady on the Power of the RSN’s Direct-to-Consumer Streaming Service Monumental+ – Sports Video Group

    Samantha Brady Reveals How Monumental+ is Transforming Sports Streaming with Direct-to-Consumer Access

    Moses Singer Welcomes Entertainment and Intellectual Property Partner Frederick Bimbler – Yahoo Finance

    Moses Singer Expands Team with New Entertainment and Intellectual Property Partner Frederick Bimbler

    Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

    Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

    Government whip to withdraw Entertainment Complex Bill on July 9 – Nation Thailand

    Government whip to withdraw Entertainment Complex Bill on July 9 – Nation Thailand

    Magicians and Battlebots light up Las Vegas entertainment scene – KSNV

    Magicians and Battlebots Take Las Vegas Entertainment by Storm

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Stallion Uranium Provides Update on Technology Data Acquisition Agreement – GlobeNewswire

    Stallion Uranium Announces Exciting Progress in Technology Data Acquisition Agreement

    2025 WE Local Prague Recap: Inspiring Women in Engineering and Technology – Society of Women Engineers

    2025 WE Local Prague Recap: Inspiring Women in Engineering and Technology – Society of Women Engineers

    SMPTE Opens Early Bird Registration for Media Technology Summit – TVTechnology

    SMPTE Launches Early Bird Registration for Exciting Media Technology Summit

    Google Fiber puts Nokia network slicing technology to the test – Fierce Network

    Google Fiber Puts Nokia’s Network Slicing Technology to the Ultimate Test

    Kaseya Extends Community Investment with Addition of Technology Marketing Toolkit – Kaseya

    Kaseya Extends Community Investment with Addition of Technology Marketing Toolkit – Kaseya

    AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

    AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Immersive sports and entertainment venue Cosm set to build its 5th location in Cleveland – WKYC

    Cosm Reveals Exciting Vision for Its 5th Immersive Sports and Entertainment Venue in Cleveland

    Monumental Sports & Entertainment’s Samantha Brady on the Power of the RSN’s Direct-to-Consumer Streaming Service Monumental+ – Sports Video Group

    Samantha Brady Reveals How Monumental+ is Transforming Sports Streaming with Direct-to-Consumer Access

    Moses Singer Welcomes Entertainment and Intellectual Property Partner Frederick Bimbler – Yahoo Finance

    Moses Singer Expands Team with New Entertainment and Intellectual Property Partner Frederick Bimbler

    Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

    Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

    Government whip to withdraw Entertainment Complex Bill on July 9 – Nation Thailand

    Government whip to withdraw Entertainment Complex Bill on July 9 – Nation Thailand

    Magicians and Battlebots light up Las Vegas entertainment scene – KSNV

    Magicians and Battlebots Take Las Vegas Entertainment by Storm

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Stallion Uranium Provides Update on Technology Data Acquisition Agreement – GlobeNewswire

    Stallion Uranium Announces Exciting Progress in Technology Data Acquisition Agreement

    2025 WE Local Prague Recap: Inspiring Women in Engineering and Technology – Society of Women Engineers

    2025 WE Local Prague Recap: Inspiring Women in Engineering and Technology – Society of Women Engineers

    SMPTE Opens Early Bird Registration for Media Technology Summit – TVTechnology

    SMPTE Launches Early Bird Registration for Exciting Media Technology Summit

    Google Fiber puts Nokia network slicing technology to the test – Fierce Network

    Google Fiber Puts Nokia’s Network Slicing Technology to the Ultimate Test

    Kaseya Extends Community Investment with Addition of Technology Marketing Toolkit – Kaseya

    Kaseya Extends Community Investment with Addition of Technology Marketing Toolkit – Kaseya

    AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

    AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

CISA warns of VMware ESXi bug exploited in ransomware attacks

July 31, 2024
in Technology
CISA warns of VMware ESXi bug exploited in ransomware attacks
Share on FacebookShare on Twitter

CISA

CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks.

Broadcom subsidiary VMware fixed this flaw (CVE-2024-37085) discovered by Microsoft security researchers on June 25 with the release of ESXi 8.0 U3.

CVE-2024-37085 allows attackers to add a new user to the ‘ESX Admins’ group—not present by default but can be added after gaining high privileges on the ESXi hypervisor—which will automatically be assigned full administrative privileges.

Even though successful exploitation would require user interaction and high privileges to pull off, and VMware rated the vulnerability as medium-severity, Microsoft revealed on Monday week that several ransomware gangs are already exploiting it to escalate to full admin privileges on domain-joined hypervisors.

Once they gain admin permissions, they steal sensitive data from VMs, move laterally through victims’ networks, and then encrypt the ESXi hypervisor’s file system, causing outages and disrupting business operations.

So far, CVE-2024-37085 has been exploited by ransomware operators tracked as Storm-0506, Storm-1175, Octo Tempest, and Manatee Tempest to deploy Akira and Black Basta ransomware.

Federal agencies have three weeks to secure vulnerable systems

Following Microsoft’s report, CISA has added the security vulnerability to its ‘Known Exploited Vulnerabilities’ catalog, serving as a warning that threat actors are leveraging it in attacks.

Federal Civilian Executive Branch Agencies (FCEB) agencies now have three weeks until August 20 to secure their systems against ongoing CVE-2024-37085 exploitation, according to the binding operational directive (BOD 22-01) issued in November 2021.

Although this directive only applies to federal agencies, the cybersecurity agency strongly urged all organizations to prioritize fixing the flaw and thwart ransomware attacks that could target their networks.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA warned.

For years, ransomware operations have shifted their focus to targeting their victims’ ESXi virtual machines (VMs), particularly after the victims have started using them to store sensitive data and host critical applications.

However, until now, they’ve primarily used Linux lockers designed to encrypt VMs rather than exploiting specific security vulnerabilities in ESXi (such as CVE-2024-37085), even though doing so could provide a faster way to access victims’ hypervisors.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : BleepingComputer – https://www.bleepingcomputer.com/news/security/cisa-warns-of-vmware-esxi-bug-exploited-in-ransomware-attacks/

Tags: technologyVMwarewarns
Previous Post

Filip Jorgensen joins Chelsea in £20.7m transfer and already showcasing skills in training

Next Post

Dark Angels ransomware receives record-breaking $75 million ransom

Stallion Uranium Provides Update on Technology Data Acquisition Agreement – GlobeNewswire

Stallion Uranium Announces Exciting Progress in Technology Data Acquisition Agreement

July 11, 2025
Angel Reese’s rebounding greatness summed up in one wild statistic – Yahoo Sports

Angel Reese’s rebounding greatness summed up in one wild statistic – Yahoo Sports

July 11, 2025
International call for freedom for environmentalist Onur Yılmaz – ANF English

International call for freedom for environmentalist Onur Yılmaz – ANF English

July 11, 2025
This week in science: a comet, plastic-eating bugs, and how altitude changes smell – KUOW

This week in science: a comet, plastic-eating bugs, and how altitude changes smell – KUOW

July 11, 2025
Science Museum of Minnesota cutting more than 40 full-time employees – CBS News

Science Museum of Minnesota to Cut More Than 40 Full-Time Jobs

July 11, 2025
Doctors say we’ve been misled about weight and health – ScienceDaily

Doctors Reveal the Truth About Weight and Health That You’ve Been Misled About

July 11, 2025
Sierra Club breaks record for world’s largest display of origami fish to protest Line 5 – News From The States

Sierra Club Creates Giant Origami Fish to Break World Record and Protest Line 5

July 11, 2025
Senate Democrat: Trump economy full of ‘uncertainty,’ ‘chaos’ – The Hill

Senate Democrat Warns of ‘Uncertainty’ and ‘Chaos’ in Trump Economy

July 11, 2025
Arts and entertainment events happening July 10th-13th across the Mid-Ohio Valley – WTAP

Unmissable Arts and Entertainment Events Happening July 10th-13th in the Mid-Ohio Valley

July 11, 2025
World’s Premier Cancer Institute Faces Crippling Cuts and Chaos – KFF Health News

World’s Leading Cancer Institute Grapples with Devastating Cuts and Turmoil

July 11, 2025

Categories

Archives

July 2025
MTWTFSS
 123456
78910111213
14151617181920
21222324252627
28293031 
« Jun    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (715)
  • Economy (738)
  • Entertainment (21,626)
  • General (15,827)
  • Health (9,775)
  • Lifestyle (745)
  • News (22,149)
  • People (740)
  • Politics (748)
  • Science (15,956)
  • Sports (21,237)
  • Technology (15,724)
  • World (721)

Recent News

Stallion Uranium Provides Update on Technology Data Acquisition Agreement – GlobeNewswire

Stallion Uranium Announces Exciting Progress in Technology Data Acquisition Agreement

July 11, 2025
Angel Reese’s rebounding greatness summed up in one wild statistic – Yahoo Sports

Angel Reese’s rebounding greatness summed up in one wild statistic – Yahoo Sports

July 11, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version