Following the discovery of a coding flaw in the ESXiArgs ransomware, the US government Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a document outlining how to use the various scripts and processes to recover data after an attack:
CISA and FBI Release ESXiArgs Ransomware Recovery Guidance | CISA
But
There is now a new version of the malware that fixes the previous flaw, so victims of new attacks with this version are unlikely to benefit from this recovery process – so get those servers patched.
New ESXiArgs ransomware version prevents VMware ESXi recovery (bleepingcomputer.com)
Further Reading
ESXiArgs ransomware is a massive problem – Smart Thinking Solutions
The bad guys do not always get it right… – Smart Thinking Solutions
Please Note:
I am on the road and away from the office, so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.