#GraceWire

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability

by

November 9, 2023 at 12:16PM Lace Tempest, the threat actor behind the Cl0p ransomware, has exploited a zero-day flaw in SysAid IT support software. The flaw, tracked as CVE-2023-47246, allows code execution and has been patched by SysAid. Lace Tempest uses the vulnerability to deliver the Gracewire malware, engage in data theft, and deploy ransomware. … Read more

MOVEit cybercriminals unearth fresh zero-day to exploit on-prem SysAid hosts

by

November 9, 2023 at 07:40AM Cybercriminals associated with the Cl0p ransomware gang, known as Lace Tempest, have exploited a zero-day vulnerability in on-prem versions of IT service and help desk software SysAid. Microsoft’s Threat Intelligence discovered the exploits and reported them to SysAid, who promptly released patches. The attackers used a new path traversal vulnerability … Read more