Bleeping Computer reports: Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. SysAid is a comprehensive IT Service Management (ITSM) solution that provides a suite of tools for managing various IT services within an organization. The Clop ransomware is notorious […]
Don Nokes of NetCenergy, an outsourced IT service provider, explains the emerging threat and provides this example: Once the bad actors learn (possibly from first hacking a firm’s email) that a financial transaction is taking place, they send an AI-generated voice message to confirm where to send the funds. The fund transferer hears the familiar […]
HC3: Sector AlertTLP:CLEARReport: 202309181700 Executive Summary Cisco Talos has published an open-source report regarding the North Korean state-sponsored actor, the Lazarus Group, reported to be targeting internet backbone infrastructure and healthcare entities in Europe and the United States. The attackers have been exploiting a vulnerability in ManageEngine products, which is tracked as CVE-2022-47966. This vulnerability […]
