According to La Repubblica
Posted: Sat Dec 21, 2024 4:55 am
Even though this was a known vulnerability and the vendor had already released a patch for it in 2021, servers that had not implemented the security update were still saudi whatsapp number exposed to new intrusions all this time.
19 servers spread across Italy were attacked (for a total of 300 across Europe) and were mostly managed by small and medium-sized enterprises operating in non-critical sectors.
Table of Contents:
What to do?
Cybersecurity First
What to do?
Regarding this attack campaign, the Italian CSIRT (Computer Security Incident Response Team) reported what was published in the security advisory of the French Computer Emergency Response Team (CERT-FR), which invites you to follow the instructions provided by
In summary, it is recommended to disable the SLP service on ESXi hypervisors that have not been updated and to proceed with applying all available patches. At the same time, it is recommended to perform a system scan to identify any compromises. This is because the attacker may have already exploited the vulnerability and been able to delete the malicious code.
Cybersecurity First
Although our country is only marginally affected, sometimes it is the lack of attention from companies in terms of IT security that determines the success of attacks. In this case, in fact, the vulnerability had been known for almost two years and VMware had provided the patch to correct the bug.
This highlights how fundamental prevention activity is, which generally involves updating infrastructures to avoid exposing systems and providing a Disaster Recovery plan , in order to restore data and file backups in a short time and ensure the stability of the company's business.
19 servers spread across Italy were attacked (for a total of 300 across Europe) and were mostly managed by small and medium-sized enterprises operating in non-critical sectors.
Table of Contents:
What to do?
Cybersecurity First
What to do?
Regarding this attack campaign, the Italian CSIRT (Computer Security Incident Response Team) reported what was published in the security advisory of the French Computer Emergency Response Team (CERT-FR), which invites you to follow the instructions provided by
In summary, it is recommended to disable the SLP service on ESXi hypervisors that have not been updated and to proceed with applying all available patches. At the same time, it is recommended to perform a system scan to identify any compromises. This is because the attacker may have already exploited the vulnerability and been able to delete the malicious code.
Cybersecurity First
Although our country is only marginally affected, sometimes it is the lack of attention from companies in terms of IT security that determines the success of attacks. In this case, in fact, the vulnerability had been known for almost two years and VMware had provided the patch to correct the bug.
This highlights how fundamental prevention activity is, which generally involves updating infrastructures to avoid exposing systems and providing a Disaster Recovery plan , in order to restore data and file backups in a short time and ensure the stability of the company's business.