CISA confirms critical Cleo bug exploitation in ransomware attacks
CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks.
DataBreachToday14 天
Hackers Exploiting Cleo Software Zero-Day
File transfer software made by Cleo Communications is under active attack and a patch meant to stymie hackers doesn't fix the ...
Cybercriminals are using virtual hard drives to drop RATs in phishing attacks
Mountable virtual hard drive files, typically in .vhd and .vhdx formats, allow users to create virtual volumes that function ...
Cleo patches critical zero-day exploited in data theft attacks
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks.
healthcareinfosecurity.com15 天
New Malware Framework Targets Cleo File Systems
Hackers exploiting flaws in Cleo Communications software instances had intimate knowledge of their internals and deployed a ...
SecurityWeek15 天
Cleo Vulnerability Exploitation Linked to Termite Ransomware Group
Exploitation of a vulnerability affecting Cleo file transfer tools has been linked to the new Termite ransomware group.
Fully patched Cleo products under renewed 'zero-day-ish' mass attack
Cleo issued patches for CVE-2024-50623, an unauthenticated remote code execution (RCE) bug affecting Harmony, VLTrader, and ...