Cring Ransomware Continues Assault On Industrial Companies

Share post:

The Cring ransomware has continued to attack organizations with aging ColdFusion servers and VPNs.

According to Sophos researchers, the group that uses Cring ransomware consists of the same hackers in Belarus and Ukraine who use automated tools to break into servers of an unnamed company in the service sector.

The Sophos researchers went on to explain how the ransomware gang operated by exploiting a vulnerability in an 11-year-old installation of Adobe ColdFusion 9 to remotely take control of a ColdFusion server.

According to Sophos, the hackers used their automated tools to scan 9,000 access routes into the company’s systems within 75 seconds and then exploited a vulnerability in the outdated Adobe program that gave them access to files from servers that were not supposed to be publicly accessible.

During the attack, the attackers were able to access timesheets and payroll entry data before cracking the Internet-facing server within minutes, after which the ransomware was successfully executed 72 hours later.

For more information, read the original story in ZDNet.



Related articles

Microsoft to block emails from “Persistently Vulnerable Exchange Servers”

Microsoft has announced a new security feature for Exchange Online that will gradually throttle and eventually block emails...

Pinduoduo removed from Google Play Store after cyberattack

According to security researchers at Lookout, Pinduoduo has been involved in a complex malware attack through its application,...

Twitter source code leaked, demands GitHub reveal who posted it there

New York Times says the code posted on GitHub had been there for months. raising securit

Okta’s login flaw exposes users to attack, says Mitiga

According to Mitiga, Okta's login system contains a simple error that could expose its users to future attacks. Users...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways