Microsoft and SysAid Find Clop Malware Vulnerability
SysAid has patched a zero-day vulnerability that could allow attackers to exfiltrate data and launch ransomware. On Nov. 8, SysAid, an Israel-based IT service management software company, reported a potentially exploited zero-day vulnerability in their on-premises software. Users of their on-premises server installations were encouraged to run version 23.3.36, which contained a fix. Microsoft Threat Intelligence analyzed the threat and found that Lace Tempest had exploited it. The vulnerability was exploited by the threat group…
Read More