A newly identified ransomware group called BERT is making headlines for its disruptive attack strategy: forcibly shutting down ESXi virtual machines before encryption β making recovery nearly impossible.
Key highlights:
πΉ Terminates VMs before encryption to block disaster recovery
πΉ Targets ESXi, Linux & Windows environments simultaneously
πΉ Impacts healthcare, tech, and event industries across continents
πΉ Reuses code from REvil for fast, multi-threaded encryption
π‘οΈ For RELIANOID clients using VMware ESXi:
We recommend securing all management interfaces behind RELIANOIDβs reverse proxy with mTLS, enabling real-time logging, and activating our hot-restart feature for fast incident response β with threat intelligence and Layer 7 traffic inspection to proactively block ransomware behavior before it can act.
β‘οΈ Full article with recommendations and mitigations:
π https://www.relianoid.com/blog/bert-ransomware-targets-vmware-esxi-to-maximize-disruption/
#Ransomware #VMware #CyberSecurity #ESXi #RELIANOID #InfrastructureSecurity #BERT #ZeroTrust #DataProtection #ITsecurity
