CISA cybersecurity advisory addresses ongoing ransomware campaign

February 9, 2023 by CUNA News

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.”

Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely running unpatched and out-of-service or out-of-date versions of VMware ESXi software to gain access and deploy ransomware.

The ESXiArgs ransomware encrypts configuration files on ESXi servers, potentially rendering virtual machines (VMs) unusable.

CISA has released an ESXiArgs recovery script at github.com/cisagov/ESXiArgs-Recover. Organizations that have fallen victim to ESXiArgs ransomware can use this script to attempt to recover their files. This CSA provides guidance on how to use the script.
ESXiArgs actors have compromised over 3,800 servers globally.

CISA cybersecurity advisory addresses ongoing ransomware campaign

Featured

Best advice for your career: Run YOUR race

Why connecting with Gen Z and Millennial credit union members is crucial

Rethink your marketing for the digital age—Embedded finance is key

Leadership is lonely—but you are not alone

Stay connected to the credit union community with our free newsletter!

You have Successfully Subscribed!