Lucene search
K

13 matches found

hivepro
hivepro
•added 2023/11/15 9:15 a.m.•42 views

Attacks, Vulnerabilities and Actors 6 November to 12 November 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of twenty-five executed attacks, six instances of adversary activity, and four exploited...

7.5CVSS7.4AI score0.98851EPSS
Exploits3
hivepro
hivepro
•added 2023/11/14 8:22 a.m.•45 views

Lace Tempest Exploits Zero-Day in a Strategic Strike on SysAid

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Lace Tempest has been implicated in exploiting a zero-day vulnerability, identified as CVE-2023-47246. This exploitation allows for the execution of code within SysAid on-premise software, leading...

7.5CVSS7.5AI score0.98851EPSS
Exploits3
ATTACKERKB
ATTACKERKB
•added 2023/11/10 12:0 a.m.•54 views

CVE-2023-47246

In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. Recent assessments: cbeek-r7 at November 09, 2023 2:50pm UTC reported: On November 8, 2023, SysAid, an IT...

9.8CVSS9.5AI score0.98851EPSS
In wildExploits3References5
The Hacker News
The Hacker News
•added 2023/11/09 4:54 p.m.•71 views

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability

The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT support software in limited attacks, according to new findings from Microsoft. Lace Tempest, which is known for distributing the Cl0p ransomware, has in the past leveraged zero-day flaws in...

8AI score0.98851EPSS
Exploits3
Rapid7 Blog
Rapid7 Blog
•added 2023/11/09 2:12 p.m.•190 views

CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

On November 8, 2023, IT service management company SysAid disclosed CVE-2023-47426, a zero-day path traversal vulnerability affecting on-premise SysAid servers. According to Microsoft’s threat intelligence team, it has been exploited in the wild by DEV-0950 Lace Tempest in ā€œlimited attacks.ā€ In a...

7.5CVSS9.4AI score0.99934EPSS
Exploits18
Malwarebytes
Malwarebytes
•added 2023/11/09 1:43 p.m.•35 views

Update now! SysAid vulnerability is actively being exploited by ransomware affiliate

Users of SysAid on-premises should take action to deal with a vulnerability. SysAid is a widely used IT service management solution that allows IT teams to manage tasks. Microsoft discovered an ongoing exploitation of a zero-day vulnerability in the SysAid IT support software in limited attacks b...

7.5CVSS7.9AI score0.98851EPSS
Exploits3
hivepro
hivepro
•added 2023/06/13 6:58 a.m.•53 views

Actors, Threats and Vulnerabilities 5 June to 11 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of seven attacks executed, taking advantage of five different vulnerabilities in...

9.3CVSS6.9AI score0.99934EPSS
Exploits77
The Hacker News
The Hacker News
•added 2023/06/08 1:56 p.m.•8 views

Clop Ransomware Gang Likely Aware of MOVEit Transfer Vulnerability Since 2021

The U.S. Cybersecurity and Infrastructure Security Agency CISA and Federal Bureau of Investigation FBI have published a joint advisory regarding the active exploitation of a recently disclosed critical flaw in Progress Software's MOVEit Transfer application to drop ransomware. "The Cl0p Ransomwar...

9.8CVSS8.8AI score0.99934EPSS
Exploits15
Malwarebytes
Malwarebytes
•added 2023/06/06 1:0 a.m.•370 views

Cl0p ransomware gang claims first victims of the MOVEit vulnerability

On Friday June 2, 2023 we reported about a MOVEit Transfer vulnerability that was actively being exploited. If your organization uses MOVEit Transfer and you havent patched yet, it really is time to move it. Excuse the bad pun, but yesterday we saw the first victims of this vulnerability come...

7.5CVSS8.2AI score0.99934EPSS
Exploits15
The Hacker News
The Hacker News
•added 2023/06/05 12:3 p.m.•6 views

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App

Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. "Exploitation is often followed by deployment of a web shell with data exfiltration capabilities," the Microsoft...

9.8CVSS8.3AI score0.99934EPSS
Exploits15
The Hacker News
The Hacker News
•added 2023/06/05 12:3 p.m.•83 views

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App

Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. "Exploitation is often followed by deployment of a web shell with data exfiltration capabilities," the Microsoft...

8.2AI score0.99934EPSS
Exploits15
The Hacker News
The Hacker News
•added 2023/04/27 8:20 a.m.•83 views

Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks that are designed to deliver Cl0p and LockBit ransomware families. The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the...

9.8CVSS8.9AI score0.99999EPSS
Exploits35
The Hacker News
The Hacker News
•added 2023/04/27 8:20 a.m.•4 views

Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks that are designed to deliver Cl0p and LockBit ransomware families. The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the...

8.8CVSS8.2AI score0.99999EPSS
Exploits11
Rows per page
Query Builder