OXFORD, United Kingdom, Sept. 21, 2021 (GLOBE NEWSWIRE) — Sophos, a global leader in next-generation cybersecurity, has published research, “Cring Ransomware Exploits Ancient ColdFusion Server,” describing a sophisticated attack the Cring ransomware operators mounted against a target after hacking a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software. The target used the server to collect timesheet and accounting data for payroll and to host multiple virtual machines. The attackers breached the internet-facing server in minutes and executed the ransomware 79 hours later. “Devices running vulnerable, outdated software are low-hanging-fruit for cyberattackers looking for an easy way into a target,” said Andrew Brandt, principal researcher at… Source link
Read More »Yearly Archives: 2021
Cring Ransomware Exploits 11-Year-Old Adobe ColdFusion Software To Launch Advanced Attack, Sophos Research Reveals
Cring Ransomware Adobe’s ColdFusion ransom note The attackers posted a ransom note which says they also exfiltrated data that is “ready to leak in case we can not make a good deal.” The attackers posted a ransom note which says they also exfiltrated data that is “ready to leak in case we can not make a good deal.” OXFORD, United Kingdom, Sept. 21, 2021 (GLOBE NEWSWIRE) — Sophos, a global leader in next-generation cybersecurity, has published research, “Cring Ransomware Exploits Ancient ColdFusion Server,” describing a sophisticated attack the Cring ransomware operators mounted against a target after hacking a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software. The target used the server to collect timesheet and accounting data for payroll and to… Source link
Read More »Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug
Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target’s network 79 hours after the hack. The server, which belonged to an unnamed services company, was used to collect timesheet and accounting data for payroll as well as to host a number of virtual machines, according to a report published by Sophos and shared with The Hacker News. The attacks originated from an internet address assigned to the Ukrainian ISP Green Floid. “Devices running vulnerable, outdated software are low-hanging-fruit for cyberattackers looking for an easy way into a target,” Sophos principal researcher Andrew Brandt said. “The surprising thing is… Source link
Read More »Environmental Map Delay Spurs Worries of Slowing Equity Effort
Some environmental justice advocates are losing patience with White House efforts to launch a new screening tool that promises to pinpoint long-neglected and polluted communities, arguing that such vulnerable neighborhoods are well known. Many are so obvious that they have nicknames, such as Louisiana’s “Cancer Alley” or the “Diesel Death Zone”—a California community home to the Port of Los Angeles, multiple oil and asphalt refineries, and surrounded by three major freeways. “We already know these communities,” said Anthony Rogers Wright, the New York Lawyers for the Public Interest’s director of environmental justice. “This is not metaphysics, or calculus, or cold fusion—I think we’re over-complicating it,” he said, noting environmental justice screening tools… Source link
Read More »Cring ransomware group exploits ancient ColdFusion server – Sophos News
In an attack recently investigated by Sophos, an unknown threat actor exploited an ancient-in-internet-years vulnerability in an 11-year-old installation of Adobe ColdFusion 9 to take control of the ColdFusion server remotely, then to execute ransomware known as Cring on the server, and against other machines on the target’s network. While several other machines were “bricked” by the ransomware, the server hosting ColdFusion was partially recoverable, and Sophos was able to pull evidence in the form of logs and files from the machine. The server running ColdFusion was running the Windows Server 2008 operating system, which Microsoft end-of-lifed in January, 2020. Adobe declared end-of-life for ColdFusion 9 in 2016. As a result, neither the operating system nor the ColdFusion… Source link
Read More »Cring ransomware group exploits ancient ColdFusion server – Sophos News
In an attack recently investigated by Sophos, an unknown threat actor exploited an ancient-in-internet-years vulnerability in an 11-year-old installation of Adobe ColdFusion 9 to take control of the ColdFusion server remotely, then to execute ransomware known as Cring on the server, and against other machines on the target’s network. While several other machines were “bricked” by the ransomware, the server hosting ColdFusion was partially recoverable, and Sophos was able to pull evidence in the form of logs and files from the machine. The server running ColdFusion was running the Windows Server 2008 operating system, which Microsoft end-of-lifed in January, 2020. Adobe declared end-of-life for ColdFusion 9 in 2016. As a result, neither the operating system nor the ColdFusion… Source link
Read More »Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug – The Hacker News
[unable to retrieve full-text content]Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug The Hacker News Source link
Read More »Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug
Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target’s network 79 hours after the hack. The server, which belonged to an unnamed services company, was used to collect timesheet and accounting data for payroll as well as to host a number of virtual machines, according to a report published by Sophos and shared with The Hacker News. The attacks originated from an internet address assigned to the Ukrainian ISP Green Floid. “Devices running vulnerable, outdated software are low-hanging-fruit for cyberattackers looking for an easy way into a target,” Sophos principal researcher Andrew Brandt said. “The surprising thing is… Source link
Read More »Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug
Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target’s network 79 hours after the hack. The server, which belonged to an unnamed services company, was used to collect timesheet and accounting data for payroll as well as to host a number of virtual machines, according to a report published by Sophos and shared with The Hacker News. The attacks originated from an internet address assigned to the Ukrainian ISP Green Floid. “Devices running vulnerable, outdated software are low-hanging-fruit for cyberattackers looking for an easy way into a target,” Sophos principal researcher Andrew Brandt said. “The surprising thing is… Source link
Read More »Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug
Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target’s network 79 hours after the hack. The server, which belonged to an unnamed services company, was used to collect timesheet and accounting data for payroll as well as to host a number of virtual machines, according to a report published by Sophos and shared with The Hacker News. The attacks originated from an internet address assigned to the Ukrainian ISP Green Floid. “Devices running vulnerable, outdated software are low-hanging-fruit for cyberattackers looking for an easy way into a target,” Sophos principal researcher Andrew Brandt said. “The surprising… Source link
Read More »