New ESXiArgs ransomware version prevents VMware ESXi recovery

Lawrence Abrams reports:

New ESXiArgs ransomware attacks are now encrypting more extensive amounts of data, making it much harder, if not impossible, to recover encrypted VMware ESXi virtual machines.

Last Friday, a massive and widespread automated ransomware attack encrypted over 3,000 Internet-exposed VMware ESXi servers using a new ESXiArgs ransomware.

Preliminary reports indicated that the devices were breached using old VMware SLP vulnerabilities. However, some victims have stated that SLP was disabled on their devices and were still breached and encrypted.

Read more at BleepingComputer.

TX: Kaufman County Faces Cybersecurity Attack: Courthouse Computer Operations Disrupted
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm
John Bolton Indictment Provides Interesting Details About Hack of His AOL Account and Extortion Attempt
UK: 'Catastrophic' attack as Russians hack files on EIGHT MoD bases and post them on the dark web
A business's cyber insurance policy included ransom coverage, but when they needed it, the insurer refused to pay. Why?

Related: