Security News > 2023 > November > Cactus ransomware exploiting Qlik Sense flaws to breach networks
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks.
In a recent report, cybersecurity company Arctic Wolf warns of Cactus ransomware actively exploiting these flaws on publicly-exposed Qlik Sense instances that remain unpatched.
The Cactus ransomware attacks that Arctic Wolf observed exploit the security issues to execute code that causes the Qlik Sense Scheduler service to initiate new processes.
In the final stage of the attack, the hackers deployed the Cactus ransomware on the breached systems.
The use of these tools and techniques are consistent with what researchers observed in previous Cactus ransomware attacks.
HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks.
News URL
Related news
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Henry Schein discloses data breach a year after ransomware attack (source)
- Black Basta ransomware poses as IT support on Microsoft Teams to breach networks (source)
- Fog ransomware targets SonicWall VPNs to breach corporate networks (source)
- LA housing authority confirms breach claimed by Cactus ransomware (source)
- Helldown ransomware exploits Zyxel VPN flaw to breach networks (source)