What is the Attack?Threat actors are exploiting an authentication bypass vulnerability in ESXi hypervisors, known as CVE-2024-37085, to gain full administrative permissions on domain-joined ESXi hypervisors. This flaw allows threat actors to encrypt critical ESXi servers in ransomware attacks. On Monday, July 29, Microsoft published a threat intelligence blog on observed exploitation of CVE-2024-37085. According to the blog, Akira and Black Basta ransomware deployments were found on the impacted servers. The vulnerability has also been added to CISA’s Known Exploited Catalog (KEV) list on July 31, 2024.What is the recommended Mitigation?Please go through the vendor provided update to address the security vulnerability. Support Content Notification – Support Portal – Broadcom support portalWhat FortiGuard Coverage is available?FortiGuard Labs recommends users to apply the patches released by the vendor immediately to secure their systems.FortiGuard Intrusion Prevention Service (IPS) protection is currently being investigated to defend against exploitation of CVE-2024-37085.The FortiGuard Incident Response team can be engaged to help with any suspected compromise.To learn more about the Akira and BlackBasta Ransomware, read the Outbreak Reports posted by FortiGuard Labs. Black Basta Ransomware | Outbreak Alert | FortiGuard LabsAkira Ransomware | Outbreak Alert | FortiGuard Labs
More Stories
jupyterlab-4.3.6-1.fc41
FEDORA-2025-e50201543b Packages in this update: jupyterlab-4.3.6-1.fc41 Update description: Update to 4.3.6 (rhbz#2352545) Read More
jupyterlab-4.3.6-1.fc40
FEDORA-2025-1d68ba6806 Packages in this update: jupyterlab-4.3.6-1.fc40 Update description: Update to 4.3.6 (rhbz#2352545) Read More
MS-ISAC CYBERSECURITY ADVISORY – Multiple Vulnerabilities in Sante PACS Server Could Allow for Remote Code Execution – PATCH NOW – TLP: CLEAR
Multiple vulnerabilities have been discovered in Sante PACS Server, the most severe of which could allow for remote code execution....
dotnet8.0-8.0.114-1.fc40
FEDORA-2025-83c147615e Packages in this update: dotnet8.0-8.0.114-1.fc40 Update description: This is the monthly update for .NET for March 2025. Release Notes:...
dotnet8.0-8.0.114-1.fc41
FEDORA-2025-adbd75f500 Packages in this update: dotnet8.0-8.0.114-1.fc41 Update description: This is the monthly update for .NET for March 2025. Release Notes:...
dotnet8.0-8.0.114-1.fc42
FEDORA-2025-54ac622cef Packages in this update: dotnet8.0-8.0.114-1.fc42 Update description: This is the monthly update for .NET for March 2025. Release Notes:...