CISA’s recent disclosure of the BRICKSTORM campaign highlights a critical shift in attacker tactics: the virtualization layer is now a primary target. These operations leverage compromised credentials, deploy persistent backdoors, and even create rogue VMs to maintain...
Aliases DragonForce Malaysia (early hacktivist identity) DragonForce Ransomware Gang DragonLeaks (leak site) DFRansom Get Threat Intel and Security Updates Delivered to Your Inbox. Name* First Last Business Email* Profiling Threat Actor Type: Initially a...
In this episode of The CyberVault, Austin Gadient, Co-Founder and CTO of Vali Cyber, breaks down why attackers are targeting the hypervisor, how groups like Scattered Spider are reaching deeper into virtualized environments, and why protecting the hypervisor is...
The intricate architecture of hypervisors, while providing remarkable flexibility and scalability for enterprise-level operations, also represents one of the most critical under-protected attack surfaces existing today. This concurrently introduces significant...
CISOs have spent the last decade hardening endpoints, identities, and cloud workloads. Yet for many organizations, the hypervisor remains dangerously exposed. Over the past four years, hypervisor-specific ransomware has driven an estimated $1 billion in damage, with...
How does your Incident Response plan address ESXi? Check out these recommendations from Unit 42 and Mandiant, along with how ZeroLock can help! Download the Datasheet
Aliases ShinyCorp UNC6240 Sometimes referenced as “Scattered Lapsus$ Hunters” in recent collaborations. Get Threat Intel and Security Updates Delivered to Your Inbox. Name* First Last Business Email* Profiling Threat Actor Type: Financially motivated data-theft and...
As enterprise virtualization scales, hypervisors like VMware ESXi have become critical—and increasingly exploited—attack surfaces. High-profile breaches such as Scattered Spider, the MGM Resorts ($110M) incident, and the Johnson Controls ($51M) breach demonstrate the...
