November 9, 2023 at 06:09PM A new zero-day exploit has been discovered that uses a vulnerability in on-premises deployments of SysAid IT Support software to deploy Clop ransomware. Microsoft has announced the flaw and SysAid has issued a patch. The threat actor behind the exploit is Lace Tempest, known for deploying Clop ransomware. Enterprise teams … Read more
November 9, 2023 at 12:16PM Lace Tempest, the threat actor behind the Cl0p ransomware, has exploited a zero-day flaw in SysAid IT support software. The flaw, tracked as CVE-2023-47246, allows code execution and has been patched by SysAid. Lace Tempest uses the vulnerability to deliver the Gracewire malware, engage in data theft, and deploy ransomware. … Read more
November 9, 2023 at 07:40AM Cybercriminals associated with the Cl0p ransomware gang, known as Lace Tempest, have exploited a zero-day vulnerability in on-prem versions of IT service and help desk software SysAid. Microsoft’s Threat Intelligence discovered the exploits and reported them to SysAid, who promptly released patches. The attackers used a new path traversal vulnerability … Read more
November 9, 2023 at 05:30AM SysAid IT service management software has been targeted by a zero-day vulnerability used by a ransomware operation. Microsoft’s threat intelligence team discovered the exploitation and alerted SysAid, who released a patch on November 8. The vulnerability enables arbitrary code execution and was used by the group Lace Tempest, also linked … Read more