Lace Tempest Exploits Zero-Day in a Strategic Strike on SysAid

Threat Level – Red | Vulnerability Report
Download PDF

Lace Tempest has been implicated in exploiting a zero-day vulnerability, identified as CVE-2023-47246. This exploitation allows for the execution of code within SysAid on-premise software, leading to an unauthorized breach of corporate servers. The primary objectives of this breach include data theft and the deployment of the Clop ransomware.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox