The FortiGuard Incident Response team are ready to assist with the discovery, containment and remediation of intrusions that have originated from exploitation of vulnerable ESXi servers.
There is currently a large scale global campaign targeting external facing ESXi servers that appears to culminate in the deployment of ransomware to encrypt hosted VM files.
A quick, measured response can assist in minimizing business impact and improving the chances of restoring encrypted files.
Scope
FortiGuard.
Solution
To engage the IR team directly to assist with an investigation, use the ‘Experienced a breach?’ link available here:
This webpage also has additional information on the IR services provided and how it can help mitigate the risk of intrusions such as this.
If there is a question of whether the systems may be vulnerable to target as part of this campaign or to proactively prepare the security teams to better handle threats associated with campaigns like this, it is possible to engage our Incident Response Readiness service.
The FortiGuard IR Readiness service can assess the security posture and provide support to patch holes in the defenses, build playbooks to combat emerging threats and war game the existing processes as part of tabletop activities.
Related link:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.