Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide.
Security researchers at Palo Alto Networks' Unit 42 have discovered a 4L4MD4R ransomware variant, based on open-source Mauri870 code, while analyzing incidents involving this SharePoint exploit chain (dubbed "ToolShell").
The ransomware was detected on July 27 after discovering a malware loader that downloads and executes the ransomware from theinnovationfactory[.]it (145.239.97[.]206).
[...]
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Ransomware gangs join attacks targeting Microsoft SharePoint servers
-
rbc
- Secretary
- Posts: 441
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Robert B. Carleton + ISC2 Central Mississippi Secretary