Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script
Malware and Vulnerabilities
March 26, 2024
Trend Micro
Agenda ransomware group uses RMM tools, as well as Cobalt Strike for deployment of the ransomware binary. It can also propagate via PsExec and SecureShell, while also making use of different vulnerable SYS drivers for defense evasion.
Read More
Agenda Ransomware
VMware vCenter
VMWare ESXi servers
PowerShell script
RMM Tools
Publisher
Previous
Agent Tesla's New Ride: The Rise of a Novel Loader
Malware and Vulnerabilities
Next
Canadian Discount Retailer Giant Tiger Says Customer Da ...
Breaches and Incidents
/https://cyware-ent.s3.amazonaws.com/image_bank/debc_shutterstock_1935957436.jpeg)
/https://cyware-ent.s3.amazonaws.com/image_bank/5677_shutterstock_1823334926.jpg)
