The December 2025 CISA/NSA/Cyber Centre analysis of BRICKSTORM represents one of the clearest signals yet that hypervisors have become priority targets for state-backed cyber operations. The report attributes BRICKSTORM to PRC state-sponsored actors and documents a...
As organizations continue to adopt VMware Cloud Foundation (VCF) 9, security remains a top priority. Hypervisors are an increasingly critical layer which—if compromised—can give attackers complete control over the environment. VCF 9 has introduced several advanced...
When attackers reach the virtualization layer, they gain control of the systems that run the entire business. This unfortunate scenario has occurred exponentially in recent years as threat actors discover that the hypervisor remains the least monitored, least...
Virtualization changed everything about how modern computing works, but most people have no idea what’s happening under the hood. Before virtualization, companies had to buy a separate physical machine for every single application they ran. Rooms of hardware, insane...
BRICKSTORM is a custom-made malware family recently being used by suspected state-aligned threat actors out of China. Some of the binary files associated with BRICKSTORM appear to have been made specifically to target vCenter servers and VMware virtualized...
Aliases DragonForce Malaysia (early hacktivist identity) DragonForce Ransomware Gang DragonLeaks (leak site) DFRansom Get Threat Intel and Security Updates Delivered to Your Inbox. Name* First Last Business Email* Profiling Threat Actor Type: Initially a...
