What a failed attack against ColdFusion revealed about ransomware tools and tactics

Cybercriminals targeted servers running out-of-date Adobe software in a recent unsuccessful ransomware attack, according to researchers at Sophos. The threat actors aimed to gain access to Windows servers to deploy ransomware created from leaked source code from the LockBit 3.0 family of ransomware. The attackers exploited a vulnerability in ColdFusion 11 and researchers found a ransom note associating “BlackDogs 2023” with the attack. The attack highlights the importance of system updates, strong cybersecurity controls, and robust endpoint detection and response systems.