ESXiArgs Ransomware Exploiting CVE-2021-21974 (RCE in OpenSLP) and Hunting for IIS Module Backdoors

preview_player
Показать описание
In this week's Threat SnapShot, we'll first dig into the recent ESXiArgs ransomware affecting thousands of unpatched, internet-facing systems. We'll cover everything you need to know, including the exploit used to gain remote code execution on the ESX server (CVE-2021-21974) and the ransomware modules. We'll also discuss mitigation guidance and a recovery script released by CISA for those affected by the ransomware.

ESXiArgs References:

IIS Module References:
Persistence via IIS Extension Backdoor
  1. SnapAttack
Рекомендации по теме
ESXiArgs Ransomware Exploiting 0:18:16

ESXiArgs Ransomware Exploiting CVE-2021-21974 (RCE in OpenSLP) and Hunting for IIS Module Backdoors

VMWare ESXiArgs Ransomware 0:08:52

VMWare ESXiArgs Ransomware Attack | CVE-2021-21974 | Technical Details | OPENSLP

CVE-2021-21974 in VMware, 0:01:16

CVE-2021-21974 in VMware, explained

ESXiArgs Ransomware: A 0:03:37

ESXiArgs Ransomware: A Comprehensive Guide

vmware ESXi Attack 0:02:46

vmware ESXi Attack - ESXiArgs ransomware

ESXiArgs Ransomware Analysis 0:57:30

ESXiArgs Ransomware Analysis with @fwosar

#vmware remote code 0:00:33

#vmware remote code execution attack 2022 | CVE-2022-22954

Hackers Unleashed Ransomware 0:12:24

Hackers Unleashed Ransomware on VMWare ESXi - Here's What You Need to Know

CVE-2021-21972 - VMware 0:03:57

CVE-2021-21972 - VMware vCenter Server Remote Code Execution

CVE-2021-21985 VCenter Pre-Auth 0:00:28

CVE-2021-21985 VCenter Pre-Auth RCE (Direct Shell)

Cyber Security News: 0:01:00

Cyber Security News: Aruba OS critical Vulnerabilities #sase #sse #secureaccess #secureremoteaccess

[SICUREZZA] - ESXIArgs 0:21:41

[SICUREZZA] - ESXIArgs recuperare una vm criptata dal ransonware

Daily Cybersecurity News: 0:15:08

Daily Cybersecurity News: ESXiArgs Hits 3800 Servers, Chrome Patch, Turkey Abuse, ChatGPT Jailbreak

Log4Shell(CVE-2021-44228) Pwn2 #30DaysOfHacking2022 0:56:28

Log4Shell(CVE-2021-44228) Pwn2 #30DaysOfHacking2022

Nový Ransomware ESXiArgs 0:08:52

Nový Ransomware ESXiArgs cílí na neopravené VMware ESXi servery po celém světě - SecurityCast Ep.153...

Ransomware Targets ESXi! 0:27:09

Ransomware Targets ESXi! MSIX Update! Bing AI Preview Launches!

RCE | Remote 0:02:52

RCE | Remote Code Execution | Bug Bounty | CLI | Python | Kali | Linux | Termux | Hacking | infosec

VMware ESXi Servers 0:10:36

VMware ESXi Servers Encrypted by Lightning-Fast Python Script

How VMware Ransomware 0:04:52

How VMware Ransomware Works (And VMware Fundamentals That Matter)

The Rise of 0:01:26

The Rise of Cuba Ransomware: An overview

Lateral movement: Pass 0:06:11

Lateral movement: Pass the hash attack threat hunting (part 1)

Cuba Ransomware: details 0:56:05

Cuba Ransomware: details and protection methods

2023-02-14 Revue d'actualité 1:31:19

2023-02-14 Revue d'actualité