Security News

PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files
2024-12-06 06:01

Still unpatched 100+ days later, watchTowr says A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers...

Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access
2024-12-05 14:56

Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day,...

Mitel MiCollab zero-day and PoC exploit unveiled
2024-12-05 14:24

A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald has disclosed, and...

Mitel MiCollab zero-day flaw gets proof-of-concept exploit
2024-12-05 11:00

Researchers have uncovered an arbitrary file read zero-day in the Mitel MiCollab collaboration platform, allowing attackers to access files on a server's filesystem. [...]

Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
2022-09-14 14:04

The operators behind the Lornenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities. Lorenz, like many other ransomware groups, is known for double extortion by exfiltrating data prior to encrypting systems, with the actor targeting small and medium businesses located in the U.S., and to a lesser extent in China and Mexico, since at least February 2021.

Patch your Mitel VoIP systems, Lorenz ransomware gang is back on the prowl
2022-09-13 18:38

The Lorenz ransomware gang is exploiting a vulnerability in Mitel VoIP appliances to break corporate networks. Threat hunters with cybersecurity firm Arctic Wolf Labs recently found that Lorenz - a prolific group that has been around since at least early 2021 and lately is primarily targeting SMBs in the US, China, and Mexico - used a vulnerability in a MiVoice VoIP appliance from Mitel to get into a victim's network before deploying Microsoft's BitLocker Drive Encryption tool to encrypt the data.

Mitel VoIP Bug Exploited in Ransomware Attacks
2022-06-28 12:42

Ransomware groups are abusing unpatched versions of a Linux-based Mitel VoIP application and using it as a springboard plant malware on targeted systems. The Mitel focuses on VoIP technology allowing users to make phone calls using an internet connection instead of regular telephone lines.

Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack
2022-06-26 22:55

A suspected ransomware intrusion against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment.The findings come from cybersecurity firm CrowdStrike, which traced the source of the attack to a Linux-based Mitel VoIP device sitting on the network perimeter, while also identifying a previously unknown exploit as well as a couple of anti-forensic measures adopted by the actor on the device to erase traces of their actions.

Mitel zero-day used by hackers in suspected ransomware attack
2022-06-24 17:13

Hackers used a zero-day exploit on Linux-based Mitel MiVoice VOIP appliances for initial access in what is believed to be the beginning of a ransomware attack. Mitel VOIP devices are used by critical organizations in various sectors for telephony services and were recently exploited by threat actors for high-volume DDoS amplification attacks.