Advertisement
Top
image credit: Adobe Stock

SysAid zero-day exploited by Clop ransomware group

November 10, 2023

Via: Security Affairs
Category:

Microsoft reported the exploitation of a zero-day vulnerability, tracked as CVE-2023-47246, in the SysAid IT support software in limited attacks.

The IT giant linked the attacks to the Clop ransomware gang (aka Lace Tempest). The company reported the flaw to the software vendor which quickly fixed it.

The Lace Tempest operators exploited the vulnerability to issue commands via the SysAid software to deliver a loader for the Gracewire malware (aka FlawedGrace). The malware enabled human-operated activity, including lateral movement, data theft, and ransomware deployment.

Read More on Security Affairs

RELATED PUBLICATIONS

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
Dangerous ICS Malware Targets Orgs in Russia and Ukraine

Latest Publications

The Los Angeles County Department of Health Services disclosed a data breach
Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!