The Information Highway

UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs


A suspected Chinese threat actor tracked as UNC3886 uses publicly available open-source rootkits named 'Reptile' and 'Medusa' to remain hidden on VMware ESXi virtual machines, allowing them to conduct credential theft, command execution, and lateral movement.
