SysAid zero-day flaw exploited in Clop ransomware attacks

A zero-day vulnerability in SysAid, an IT Service Management software, has been exploited by threat actors for data theft and to deploy the notorious Clop ransomware, as reported by the Microsoft Threat Intelligence team. Identified as CVE-2023-47246, the vulnerability was used by a threat group tracked as Lace Tempest. SysAid has since developed a patch available in a software update, and strongly recommends users to update to version 23.3.36 or later.