23 Feb, 2025

Clop ransomware is now extorting 66 Cleo data-theft victims

The Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to respond to the demands. The cybercriminals announced that they are contacting those companies directly to provide links to a secure chat channel for conducting ransom payment negotiations. They also provided […]

2 mins read

Clop ransomware claims responsibility for Cleo data theft attacks

The Clop ransomware gang has confirmed to GeekFeed that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. Cleo is the developer of the managed file transfer platforms Cleo Harmony, VLTrader, and LexiCom, which companies use to securely exchange files between their business partners and customers. In […]

4 mins read

CISA confirms critical Cleo bug exploitation in ransomware attacks

​CISA confirmed today that a critical security vulnerability in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. This flaw (tracked as CVE-2024-50623 and impacting all versions before version 5.8.0.21) enables unauthenticated attackers to gain remote code execution on vulnerable servers exposed online. Cleo released security updates to fix it […]

3 mins read

Cleo patches critical zero-day exploited in data theft attacks

Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks. In October, the company patched a pre-auth remote code execution vulnerability (CVE-2024-50623) in its managed file transfer software and recommended that “all customers upgrade immediately.” Huntress security researchers first spotted evidence of attacks targeting fully […]

3 mins read