New Cicada3301 RaaS operation ramps up attacks against VMware ESXi systems

Attacks by the RaaS operation commence with the infiltration of ScreenConnect via stolen or brute-forced credentials, as well as an IP address previously associated with the Brutus botnet, to facilitate the distribution of the Cicada3301 ransomware.

Article Link: New Cicada3301 RaaS operation ramps up attacks against VMware ESXi systems | SC Media