Kowatek Solar LTD
Who are the companies commercialising large-scale thermal energy storage technologies today
04:32
Who are the companies commercialising large-scale thermal energy storage technologies today
16 Utah Cities Choose to Opt-in to Groundbreaking Clean Energy Program to Bring 100% Clean Energy to Grid
17:51
16 Utah Cities Choose to Opt-in to Groundbreaking Clean Energy Program to Bring 100% Clean Energy to Grid
Themis Powder2Power particle-based CSP begins commissioning in France
18:00
Themis Powder2Power particle-based CSP begins commissioning in France
3 Hours Of Free Power Explained
17:53
3 Hours Of Free Power Explained
Father of Modern Solar Approaches the Next Frontier
17:51
Father of Modern Solar Approaches the Next Frontier
Hacked, leaked, and held for ransom: the worst breaches of 2026 so far
14:40
Hacked, leaked, and held for ransom: the worst breaches of 2026 so far
The optimal internal receiver geometry for high temperature solar fuels
17:59
The optimal internal receiver geometry for high temperature solar fuels
Rolls-Royce to build four BESS facilities for Sunly in Latvia
17:52
Rolls-Royce to build four BESS facilities for Sunly in Latvia
Engie to build 155MW solar PV at gas plant in Spain 
17:51
Engie to build 155MW solar PV at gas plant in Spain 
Supreme Court of Ohio reverses permit for Oak Run Solar site
14:28
Supreme Court of Ohio reverses permit for Oak Run Solar site

Legacy VMware Bug Exploited in Global Ransomware Campaign

VMware customers are urged to patch the ESXi hypervisor vulnerabilities first disclosed in 2021 to mitigate the impact of the ongoing ransomware campaign.

Cybersecurity experts in governments in France, Singapore and elsewhere have sounded alarm bells following reports of compromised servers in Italy, France, Finland, the United States and Canada.

Reuters reported that dozens of Italian servers had been compromised, but the true scale of the global threat is still unknown. Shodan search by dark web intelligence vendor DarkFeed It was revealed 300 casualties may be just the tip of the iceberg.

Both the US Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber ​​Security Center (NCSC) appear to be aware of the campaign, but have not issued an official statement at the time of writing.

The vulnerability in question, CVE-2021-21974, allows an attacker to cause a heap overflow issue in OpenSLP, allowing remote code execution.

This affects the following ESXi versions:

  • ESXi version 7.x prior to ESXi70U1c-17325551
  • ESXi version 6.7.x prior to ESXi670-202102401-SG
  • ESXi version 6.5.x prior to ESXi650-202102101-SG

The Singapore Computer Emergency Response Team (SingCERT) said, “Users and administrators of affected product versions are advised to upgrade to the latest version immediately.

“As a precautionary measure, full system scans should also be performed for signs of compromise. Users and administrators can disable port 427, which targets ransomware campaigns, without disrupting operations. It is also recommended to assess whether

CERT also publishes IP addresses associated with ransomware actors so administrators can update their firewall rules to block them.

The French CERT (CERT-FR) added that SLP can be disabled on non-updated ESXi servers to further reduce the risk of security breaches.

The identity of the group behind the campaign is currently unknown, but DarkFeed said the Bictoin wallets provided to victims for payment were different. No leak site linked to the group, just his Tox messaging app id in contact.

Editorial Credit Icon Image: Pavel Kapysh / Shutterstock.com



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Address:
 091, Peace Plaza, Asaba, Delta State.
216 DBS Road, Asaba, Delta State.
Start a conversation:

Follow Us Social Media

Facebook Twitter Youtube Instagram

All Rights Reserved. Kowatek Blog by IWUCHI

Home | About Us | Disclaimer | Privacy Policy | Contact Us