“Ransomware Alert: Clop Gang Targets Microsoft with Exploits on SysAid Zero-Day Vulnerability”

 

A new vulnerability in SysAid’s widely used IT service automation software has been discovered that lets hackers from a notorious ransomware gang exploit their software, says the software maker.

As reported by Sasha Shapirov, CEO of SysAid, in a blog post published Wednesday, attackers are exploiting a zero-day vulnerability that affects its Cloud software that is hosted on-premises. 

Zero-day vulnerabilities are defined as vulnerabilities that have no time to be fixed by a vendor- in this case, SysAid- before attackers exploit them in the wild.

There have been some limited attacks that have exploited a zero-day vulnerability in Microsoft’s SysAid IT support software, tracked as CVE-2023-47246, which was exploited by attackers in recent weeks. 

It has been reported by the IT giant that the attacks have been linked to the Clop ransomware group (also known as Lace Tempest). There was a flaw in the software that the company reported to its software provider, who immediately repaired it. 
A potential vulnerability in SysAid’s on-premise software was discovered by its security team on November 2nd, the company reported. An investigation of the issue has been undertaken by the cybersecurity firm Profero, which was engaged by the software firm. It was determined that Profero had found a zero-day vulnerability in the software that had compromised it. 
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: