A newly identified ransomware group called BERT is making headlines for its disruptive attack strategy: forcibly shutting down ESXi virtual machines before encryption — making recovery nearly impossible.
Key highlights:
🔹 Terminates VMs before encryption to block disaster recovery
🔹 Targets ESXi, Linux & Windows environments simultaneously
🔹 Impacts healthcare, tech, and event industries across continents
🔹 Reuses code from REvil for fast, multi-threaded encryption
🛡️ For RELIANOID clients using VMware ESXi:
We recommend securing all management interfaces behind RELIANOID’s reverse proxy with mTLS, enabling real-time logging, and activating our hot-restart feature for fast incident response — with threat intelligence and Layer 7 traffic inspection to proactively block ransomware behavior before it can act.
➡️ Full article with recommendations and mitigations:
🔗 https://www.relianoid.com/blog/bert-ransomware-targets-vmware-esxi-to-maximize-disruption/
#Ransomware #VMware #CyberSecurity #ESXi #RELIANOID #InfrastructureSecurity #BERT #ZeroTrust #DataProtection #ITsecurity
