Key Cyber Threats in H1 2024: Ransomware, Data Leaks, and Evolving Attack Methods

August 29, 2024 | BlackByte, likely a Conti spin-off, is now exploiting a newly disclosed VMware ESXi vulnerability (CVE-2024-37085). This allows attackers to gain full control over virtual machines, marking a shift from BlackByte’s traditional methods. Cisco Talos Incident Response reports that BlackByte’s rapid integration of this vulnerability shows their evolving tactics.

Experts like Callie Guenther at Critical Start stress the critical nature of this threat, particularly as ESXi hypervisors are integral to many enterprises. BlackByte’s new techniques include using outdated drivers to bypass security tools, making detection difficult.

Defenders must quickly patch systems, monitor access, and implement multi-factor authentication to counteract these sophisticated attacks.

[Read the full report]

Newsletter Signup

Stay up-to-date on the latest resources and news from CRITICALSTART.