Late last week, Mandiant researchers published findings from an incident response engagement detailing an attacker workflow that took place in a VMWare ESXI environment. In this workflow, the attackers placed malware or persistence mechanisms on each layer of this environment: 1. vSphere layer, which can manage multiple ESXI environments2. ESXI hypervisor layer, which can manage […]
Article Link: Some Notes on VIRTUALGATE – One Night in Norfolk