Crimson Shadow Malware Focuses on Microsoft Exchange in Cloud Environments

Black Basta is the latest ransomware gang to add support for encrypting VMware ESXi virtual machines (VMs) running on enterprise Linux servers.

Most ransomware groups are now focusing their attacks on ESXi VMs since this tactic aligns with their enterprise targeting. It also makes it possible to take advantage of faster encryption of multiple servers with a single command.

Encrypting VMs makes sense since many companies have recently migrated to virtual machines as they allow for easier device management and a lot more efficient resource usage.