How are ransomware actors targeting your virtual infrastructure? Why target general machines when an ESXi cluster taken down can lead to hundreds or thousands of ransomware devices? In this episode of Wait Just an Infosec, FOR528 course author Ryan Chapman, Nicklas Keijser and Anders Olsson discuss these questions and more. Don't miss it. #Ransomware #LiveStream #WaitJustanInfosec
Understanding Ransomware Threats to ESXi: Essential Insights
Here in Latam we had a big incident with an MSP called IFX Networks. It got almost 100% of their cloud customers down for almost a week, all because of a "zero-day" vulnerability in the VMware hypervisor that let the attackers encrypt all the hypervisors.
Here from Myanmar
Learn more about the Aviata Cloud Solo Flight Challenge: https://www.sans.org/blog/aviata-solo-flight-challenge-cloud-security-workshops/
ESXi hardening guides: https://for528.com/esxi4
Learn more about ESXi-Targeting Ransomware: http://for528.com/esxi
Here you go: https://for528.com/esxi
Would love to hear some post-mortem analysis workflows for RCA regarding successful ransomware against ESXi
SOC Analyst | Cybersecurity Threat Hunter | Lantech Longwave - Zucchetti
I just have a question. You mentioned a way to connect ESXi to Active Directory in case the credentials to access it are not reachable. Would it make sense to also monitor this type of activity, or would the reaction times not be sufficient to respond to this type of threat?