[Intel]: https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass #692

@timb-machine

Area

Malware reports

Parent threat

Execution, Persistence, Defense Evasion, Credential Access, Command and Control

Finding

https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass

Industry reference

attack:T1552:Unsecured Credentials
attack:T1212:Exploitation for Credential Access
attack:T1562:Impair Defenses
attack:T1580:Cloud Infrastructure Discovery
attack:T1525:Implant Internal Image
attack:T1102:Web Service

Malware reference

No response

Actor reference

UNC3886

Component

Linux, VMware

Scenario

No response
