Quick overview of VMware ESXi
Last week, unknown threat actors started targeting, en masse, VMware ESXi hypervisors using CVE-2021-21974, an easily exploitable pre-authorization remote code execution vulnerability. Experts from Bitdefender Labs have been monitoring these exploitation attempts. Guided by our telemetry, we are providing a technical advisory to describe these attacks and document our own detections in the wild. We have also included recommendations based on our observations.
Article Link: Technical Advisory: Immediately Patch Your VMware ESXi Servers Targeted by Opportunistic Threat Actors