Main links

Subscribe Free
Search CarlsCloud™
CISSP
Newsletter
Try CarlsCloud™ CISSP Prep
Buy me a coffee!
AI News
AI Tools
Infosec News
Topics
Account

Secondary links

Subscribe Free
Buy me a coffee!
CISSP
Newsletter
Search CarlsCloud™
Try CarlsCloud™ CISSP Prep
AI News
AI Tools
Topics
Account
Profile
Newsletters

Subscribe Free
Search CarlsCloud™
CISSP
Newsletter
Try CarlsCloud™ CISSP Prep
Buy me a coffee!
AI News
AI Tools
Infosec News
Topics
Account

Subscribe Free
Buy me a coffee!
CISSP
Newsletter
Search CarlsCloud™
Try CarlsCloud™ CISSP Prep
AI News
AI Tools
Topics
Account
Profile
Newsletters

Attack Vectors

Common Attack Vector Information and Related Articles

Articles

Featured public

Attack Vectors

Sorting Through Haystacks to Find CTI Needles

By CloudNerve©

• 2 years ago

Featured public

VMware

New Python malware backdoors VMware ESXi servers for remote access

The new python backdoor adds seven lines inside "/etc/rc.local.d/local.sh," one of the few ESXi files that survive between reboots and is executed at startup.

By CloudNerve©

• 2 years ago

Featured public

VMware

VMware Beware: Lockbit 3.0 Targeting ESXi hash: 0f7c10dfa562adf15f1f6078ecaee788

Per Twitter @Unit42_Intel a LockBit 3.0 variant using ESXi Locker version 1.2 continues targeting ESXi hash: 0f7c10dfa562adf15f1f6078ecaee788.

By CloudNerve©

• 2 years ago

Members

ESXi

ESXi Alert: Bad VIB(E)s Part Two: Detection and Hardening within ESXi Hypervisors

In part one, we covered attackers’ usage of malicious vSphere Installation Bundles (“VIBs”) to install multiple backdoors across ESXi hypervisors, focusing on the malware present within the VIB payloads. In

By CloudNerve©

• 2 years ago

public

VMware

HOWTO: KB89619 – Mitigation and Threat Hunting Guidance for Unsigned vSphere Installation Bundles (VIBs) in ESXi (89619)

On Thursday September 29th, Mandiant published information on malware they discovered in the wild that leverages unsigned VIBs to install backdoors on a compromised ESXi host.

By CloudNerve©

• 2 years ago

Featured Members

Attack Vectors

ESXi ALERT: Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors

This malware ecosystem was initially detected during an intrusion investigation when Mandiant identified attacker commands sourced from the legitimate VMware Tools process, vmtoolsd.exe, on a Windows virtual machine hosted on a VMware ESXi hypervisor.

By CloudNerve©

• 2 years ago

Featured public

Attack Vectors

12+ Android Apps on Google Play Store Caught Dropping Banking Malware

By CloudNerve©

• 2 years ago

Featured public

Attack Vectors

Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data

"Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched, public-facing VMware Horizon and [Unified Access Gateway] servers," the agencies said. "

By CloudNerve©

• 2 years ago

Featured public

Apple

EXPLOIT: 5-year old Apple Safari Vulnerability Detailed by Google

By CloudNerve©

• 2 years ago

Subscribe to our newsletter

Stay updated with CarlsCloud™ by signing up for our newsletter.

Your email address

🎉 Awesome! Now check your inbox and click the link to confirm your subscription.

Please enter a valid email address

Oops! There was an error sending the email, please try later