CISA Alert AA23-039A: ESXiArgs Ransomware targets vulnerable ESXi servers
Tags
country: Canada Netherlands Germany France United States Of America
maec-delivery-vectors: Watering Hole
attack-pattern: Data Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Python - T1059.006 Software - T1592.002 Vulnerabilities - T1588.006 Hypervisor - T1062
Show in Graph
Common Information
Type Value
UUID d0f8b444-2ceb-476d-8cea-bf3aea231e87
Fingerprint b7b62cfbac74ae5f
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 23, 2023, 2:29 p.m.
Added to db Feb. 23, 2023, 4:26 p.m.
Last updated Nov. 17, 2024, 5:57 p.m.
Headline CISA Alert AA23-039A: ESXiArgs Ransomware targets vulnerable ESXi servers
Title CISA Alert AA23-039A: ESXiArgs Ransomware targets vulnerable ESXi servers
Detected Hints/Tags/Attributes 45/3/7
Source URLs
Redirection Url
Details Source https://www.picussecurity.com/resource/blog/cisa-alert-aa23-039a-esxiargs-ransomware-targets-vulnerable-esxi-servers
URL Provider
Details Provider Source level domain
Details picussecurity.com www.picussecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 352 Resources-2 https://www.picussecurity.com/resource/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 52 
cve-2021-21972
Details Domain 1 
ransomware.linux.esxiargs.tc
Details Domain 469 
www.cisa.gov
Details Domain 65 
www.cert.ssi.gouv.fr
Details File 141 
www.cer
Details Url 1 
https://www.cisa.gov/uscert/ncas/alerts/aa23-039a.
Details Url 1 
https://www.cert.ssi.gouv.fr/alerte/certfr-2023-ale-015/.