Actor
Detection of ESXi syslog configuration changes using esxcli, potentially indicating an attempt to disrupt logging and evade detection, with known association to Black Basta ransomware.