Cleo Harmony, VLTrader, and LexiCom – RCE via Arbitrary File Write (CVE-2024-50623)

Threat Actors: Ransomware operators
Campaign Overview: Exploitation of CVE-2024-50623 in Cleo MFT software…

ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

Threat Actors: Unknown group, associated with Black Basta ransomware
Campaign Overview: Ongoing ZLoader…

Multiple Cleo file transfer products being exploited by hackers

Threat Actors: Termite ransomware group, unidentified hackers exploiting Cleo vulnerabilities
Campaign Overview: Active…

Black Basta Ransomware Uses MS Teams, Email Bombing to Spread Malware

Threat Actors: Black Basta ransomware group (aka UNC4393)
Campaign Overview: Sophisticated social engineering…

3AM Ransomware: What You Need To Know

Threat Actors: 3AM ransomware group
Campaign Overview: Emerged in late 2023; exfiltrates, encrypts,…

Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged

Threat Actors: Termite ransomware group (potentially linked to Cl0p/Lace Tempest)
Campaign Overview: Mass…

Termite Ransomware Attack on Blue Yonder: What You Need to Know

Threat Actors: Termite ransomware group, an emerging variant of Babuk ransomware.
Campaign Overview…

US subsidiaries of Japanese water treatment company, green tea maker hit with ransomware

Threat Actors: Ransomware gangs
Campaign Overview: Ransomware incidents affecting multiple Japanese companies' U.S.…

Medical device company says shipping processes disrupted by ransomware attack

Threat Actors: Unknown ransomware group (no claim of responsibility).
Campaign Overview: Disruption of…

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

Threat Actors: Black Basta (also referred to as UNC4393)
Campaign Overview: Black Basta…