Ransomware Group Leveraged Mitel Zero-Day Bug To Target VOIP Appliances

 

CrowdStrike researchers have identified ransomware groups targeting a zero-day flaw impacting the Linux-based Mitel VoIP appliance. 

The vulnerability, tracked as CVE-2022-29499, was patched by Mitel in April of this year after CrowdStrike researcher Patrick Bennett unearthed the bug during a ransomware investigation.

In a blog post published last week, Bennett explained that after taking the Mitel VoIP appliance offline, he unearthed a “novel remote code execution exploit used by the threat actor to gain initial access to the environment.” 

“After tracing threat actor activity to an IP address assigned to the Mitel MiVoice Connect VoIP appliance, CrowdStrike received a disk image of the Linux system and began analysis. CrowdStrike’s analysis identified anti-forensic techniques that were performed by the threat actor on the Mitel appliance in an attempt to hide their activity,” Bennett said. 

Although the h

[…]

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
