Security alerts | February 2023

VMware ESXi – CVE-2021-21974 A new vulnerability was reported by security researchers. This article describes an explosion in the compromises of VMware ESXi hypervisors with over 500 machines hit by ransomware this weekend, with the automated attacks likely exploiting CVE-2021- 21974. VMware initially described CVE-2021-21974 (CVSS 8.8 [HIGH]) in its February 2021 VMSA-2021-0002 advisory as letting a “malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap- overflow issue in OpenSLP service resulting in remote code execution”.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days
YSC	session
yt-remote-connected-devices	never	These cookies are set via embedded youtube-videos.
yt-remote-device-id	never	These cookies are set via embedded youtube-videos.

Escape the Security Hamster Wheel: How Detection-as-Code Sets SOC Teams Free

Tool Tip: Hunting APT Infrastructure with Validin

COMPANY

About us

Careers

SOLUTIONS

Fusion Center

Integration

Offensive Security

Compliance

Cloud Security

ICS/OT Security

MITRE Gap Assessment

KNOWLEDGE CENTER

Whitepapers

ICS Security Feed

Blog

FOR CLIENTS

NEWSLETTER

<img fetchpriority="high" decoding="async" class="aligncenter wp-image-39923 size-full" src="/wp-content/uploads/2023/03/header_SecurityAlerts_2023feb-1-1024x341-1.png" alt="" width="1500" height="500" />