Microsoft and SysAid Find Clop Malware Vulnerability

SysAid has fixed a zero-day vulnerability that was potentially exploited by threat group Lace Tempest to deploy the Clop ransomware. The IT service management company urged users of its on-premises server installations to run version 23.3.36, which includes a fix. The flaw was first discovered by Profero, an Israel-based rapid incident response firm. SysAid provided a list of indicators of compromise and steps of protection against the vulnerability.