A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. Lace Tempest has previously exploited zero-day vulnerability (CVE-2023-34362) in Progress Software’s MOVEit Transfer installations to steal data from many enterprises and public sector organizations. The group has also similarly leveraged zero days in the Accellion file transfer appliance and Fortra’s GoAnywhere file transfer solution. CVE-2023-47246 exploited The … More
The post MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246) appeared first on Help Net Security.