"Security Researchers Double-Down on the Need to Patch VMware ESXi Servers"

Security teams are urged to double-down on their efforts to patch the two-year-old VMware ESXi server vulnerability that impacted thousands of VMware customers. According to a blog post published by AT&T Cybersecurity on March 20, companies that have not installed the patch are at risk of falling victim to ransomware. The ESXiArgs ransomware campaign hit around 3,200 VMware ESXi servers worldwide, according to a Censys search. The most affected country was France, followed by the US, Germany, and Canada. BlueVoyant's director of external cyber assessments, Lorri Janssen-Anessi, advised security teams to install VMware ESXi updates promptly. If companies are unable to update, they should configure their system to minimize risks, including disabling the port targeted by ransomware. In addition, all organizations using the impacted VMware software should conduct thorough system scans to detect any indicators of compromise. This article continues to discuss the need for security teams to double-down on patching VMware ESXi servers. 

SC Media reports "Security Researchers Double-Down on the Need to Patch VMware ESXi Servers"