Prolonged exploitation of VMware zero-day conducted by Chinese hackers

23 January 2024

Attacks exploiting a critical out-of-bounds write zero-day vulnerability in VMware Center Server, tracked as CVE-2023-34048, have been deployed by Chinese cyberespionage operation UNC3886 since 2021, two years before the flaw was identified and addressed, reports The Hacker News. UNC3886 leveraged the flaw to obtain vCenter system privileges and facilitate ESXi host and virtual machine enumeration to inject the VIRTUALPIE and VIRTUALPITA malware, a report from Mandiant revealed.

Source: SC Magazine

Date:

23 January 2024

Categorie(s):

NEWS

Tag(s):

Chinese, IT, Ransomware, Virtualization, VMware

Microsoft plans to lock down Windows DNS like never before. Here’s how.4 May 2024
Kaspersky hits back at claims its AI helped Russia develop military drone systems4 May 2024
Kaspersky hits back at claims it helped Russia develop military drone systems3 May 2024
Smoke and (screen) mirrors: A strange signed backdoor3 May 2024
Kaspersky accused of helping Russia develop military drone systems3 May 2024