According to Cyberscoop, the cyber gang Cl0p “has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT company that sells various types of enterprise software.” The gang claimed responsibility for the attacks on its website. The vulnerabilities affect Cleo’s products LexiCom, VLTrader, and Harmony. Cleo reportedly services approximately
MOVEit
Resilience Midyear 2023 Claims Report: Ransomware Cybercriminals Shift Tactics
By Linn Foster Freedman on
Posted in Cybersecurity
Resilience issued its Midyear 2023 Claims Report, which is well worth the read.
In addition to commenting on the impact of the MOVEit incident, some of the key findings include:
Joint Advisory on MOVEit Transfer Vulnerability Published
By Linn Foster Freedman on
Posted in Cybersecurity
CISA and FBI have issued a joint advisory on the MOVEit transfer vulnerability that should be on the radar of CISOs and IT professionals. The CLOP ransomware organization has been reportedly exploiting an SQL injection vulnerability in the MOVEit solution. According to the joint advisory, “Internet-facing MOVEit Transfer web applications were infected with a web…