November 30, 2023 at 02:06PM Cactus ransomware targets Qlik Sense analytics platform vulnerabilities for network access, exploiting unpatched systems to gain control, download tools, and deploy ransomware. Updates have been released to address critical flaws; users are advised to install designated patches. Arctic Wolf reports Cactus uses advanced techniques for persistence, lateral movement, and data … Read more
November 30, 2023 at 09:42AM Arctic Wolf has linked three critical vulnerabilities in Qlik’s analytics products to ransomware attacks, notably Cactus ransomware. The vulnerabilities, reported by Praetorian and patched by Qlik, allow remote code execution and admin access, with over 17,000 internet-exposed instances. The same threat actor seems responsible for multiple intrusions. Meeting Takeaways: 1. … Read more
November 30, 2023 at 06:30AM A CACTUS ransomware campaign is exploiting vulnerabilities in Qlik Sense, noted by Arctic Wolf researchers. These exploits allow attackers to gain initial access and establish persistence through various means, including disabling security software. The broader ransomware landscape continues to adapt and prove lucrative despite crackdowns, with groups like Black Basta … Read more