all InfoSec news
Lace Tempest Seen Exploiting SysAid Zero Day
Malware Analysis, News and Indicators - Latest topics malware.news
IT automation and asset management software provider SysAid is warning customers about a critical vulnerability in its on-premise software that attackers from the Lace Tempest threat group have been exploiting in active attacks.
The bug (CVE-2023-47246) emerged last week and Microsoft Threat Intelligence researchers identified the Lace Tempest actors as the group exploiting it. Lace Tempest is the same group that is responsible for exploiting the MoveIT Transfer vulnerability earlier this year, and is associated with the cl0p ransomware group. …
asset asset management attackers attacks automation bug critical critical vulnerability customers cve cve-2023-47246 exploiting intelligence it automation lace tempest management microsoft premise researchers software sysaid tempest threat threat group threat intelligence vulnerability warning week