The Monti ransomware group is back and using a new Linux locker to target VMware, ESXi servers, legal, and government organizations. Watch to learn how Vali Cyber’s ZeroLock detects and stops this new ransomware threat from our Threat Intel lead, Nathan...
CVE-2023-2640 and CVE-2023-32629 are two easy-to-exploit privilege escalation vulnerabilities in the OverlayFS module in Ubuntu that affect 40% of Ubuntu cloud workloads. Cleverly nicknamed gameOver(lay), Vali Cyber’s ZeroLock can both remediate as well as...
Supply-chain attacks take advantage of insecure segments of the supply-chain of a target. An attacker will manipulate the elements used in the production process of the target, and thereby produce a vulnerability. In many modern examples this involves compromising...
Vali Cyber Threat Intelligence Report Fileless attacks are any cyber-attack which does not write any files to disk on the target system. This kind of attack has grown in popularity over recent years due to some of the distinct advantages they hold over more...
ZeroLock defends against many kinds of attacks, including ransomware. The Vali Cyber Threat Intelligence team regularly red teams the agent to ensure it responds effectively to sophisticated, evolving threats. The Threat Intelligence team developed a novel ransomware...
Summary BlackMatter is a ransomware campaign that has been terrorizing Linux users since late 2021. The variation is written in C++ and specifically targets VMWare ESXi servers. VMWare ESXi servers are a common target for ransomware attacks because they maintain the...
