Categories: US-Cert-Repository

VMWare Releases Guidance for VirtualPITA, VirtualPIE, and VirtualGATE Malware Targeting vSphere



Original release date: September 29, 2022

VMWare has released Protecting vSphere From Specialized Malware, addressing malware artifacts known as VirtualPITA (ESXi & Linux), VirtualPIE (ESXi), and VirtualGATE (Windows), which are used to exploit and gain persistent access to instances of ESXi.

CISA urges organizations employing VMWare ESXi to review the following for more information and to apply recommended mitigations and threat hunting guidance:

  • VMware: Protecting vSphere From Specialized Malware
  • VMware: Knowledge Base 89619 – Mitigation and Threat Hunting Guidance for Unsigned vSphere Installation Bundles (VIBs) in ESXi (including a script to audit ESXi hosts)
  • VMWare: vSphere Security Configuration Guides (baseline hardening guidance for VMware vSphere)

This product is provided subject to this Notification and this Privacy & Use policy.



Source link

admin

Share
Published by
admin

Recent Posts

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) advisories on June 3, 2025. These advisories provide…

21 hours ago

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems (ICS) advisories on June 5, 2025. These advisories provide…

2 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

 CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

3 days ago

Updated Guidance on Play Ransomware

CISA, the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security…

4 days ago

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

5 days ago

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of…

6 days ago

This website uses cookies.