A newly identified threat activity cluster leveraged the already-patched Check Point vulnerability CVE-2024-24919 (fixed in May 2024) to deploy ShadowPad. Reports indicate that, in a small number of cases, this initial infection also resulted in the deployment of NailaoLocker ransomware. No new vulnerability was exploited—only the previously disclosed and patched one. Customers who have not yet implemented the patch should follow the instructions here. This will prevent attackers from getting VPN credentials, which is the first step in the infection chain. The campaign targeted various organizations, mainly in Europe, Africa, and the Americas. The most targeted sector was manufacturing. Check […]
The post Patch Now: Check Point Research Explains Shadow Pad, NailaoLocker, and its Protection appeared first on Check Point Blog.