2023 CL0P Growth
Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the βCryptoMixβ ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 to 2022. But in 2023 the CL0P ransomware gang took itself to new heights and became one of the
Progress Software on ThursdayΒ disclosedΒ a third vulnerability impacting its MOVEit Transfer application, as the Cl0p cybercrime gang deployed extortion tactics against affected companies.
TheΒ new flaw, which is being tracked as CVE-2023-35708, also concerns an SQL injection vulnerability that "could lead to escalated privileges and potential unauthorized access to the environment."
The company
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have published a joint advisory regarding the active exploitation of aΒ recently disclosed critical flawΒ in Progress Software's MOVEit Transfer application to drop ransomware.
"The Cl0p Ransomware Gang, also known as TA505, reportedly began exploiting a previously unknown SQL injection
Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft disclosed over the weekend.
The tech giant's threat intelligence team said it observed both Mango Sandstorm (Mercury) and Mint Sandstorm (Phosphorus) weaponizing CVE-2023-27350 in their operations to achieve initial access.
"This
Microsoft has confirmed that theΒ active exploitation of PaperCut serversΒ is linked to attacks that are designed to deliver Cl0p and LockBit ransomware families.
The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the nameΒ Lace TempestΒ (formerly DEV-0950), which overlaps with other hacking groups like FIN11, TA505,
Login
FreshRSS