Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

10/12/2020
05:10 PM
50%
50%

Software AG Continues Efforts Against $20M Ransomware Attack

The attack, which now includes extortion components, has moved into its second week.

Software AG, Germany's second-largest software company (after SAP) continues to struggle with a ransomware attack that has evolved into an extortion bid carrying a $20 million payoff demand.

Related Content:

New Campaign Combines Extortion, DDoS

2020 State of Cybersecurity Operations and Incident Response

New on The Edge: Emotet 101: How the Ransomware Works -- and Why It's So Darn Effective

The attack began on October 3 as a ransomware attack in which the attackers demanded the unusually high ransom in return for a decryption key. According to reporting from ZDNet, stolen confidential employee information began to be released on the Dark Web on October 9 after negotiations between the company and attackers failed. As of today, Computer Weekly reports that online customer support and internal communications systems remain offline, though customer services are operational.

Criminals attacked using Clop ransomware, first described in the wild in February 2019. Clop is a sophisticated, heavily obfuscated, and still-evolving ransomware strain that shows signs of being specifically designed to target enterprise, rather than individual, victims.

For more, read here and here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: A GONG is as good as a cyber attack.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-2393
PUBLISHED: 2020-11-23
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects: MongoDB Inc. MongoDB Server v4.2 versions prior to 4.2.1; v4.0 versions prior to 4.0.13; v3.6 versions prior to 3.6.15.
CVE-2020-1778
PUBLISHED: 2020-11-23
When OTRS uses multiple backends for user authentication (with LDAP), agents are able to login even if the account is set to invalid. This issue affects OTRS; 8.0.9 and prior versions.
CVE-2020-28421
PUBLISHED: 2020-11-23
CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges.
CVE-2020-7777
PUBLISHED: 2020-11-23
This affects all versions of package jsen. If an attacker can control the schema file, it could run arbitrary JavaScript code on the victim machine. In the module description and README file there is no mention about the risks of untrusted schema files, so I assume that this is applicable. In partic...
CVE-2018-20802
PUBLISHED: 2020-11-23
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects: MongoDB Inc. MongoDB Server v3.6 versions prior to 3.6.9, v4.0 versions prior to 4.0.3.