Lorenz Ransomware Exploits Mitel VoIP Systems

The operators behind the Lorenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to gain a foothold in target environments for follow-on malicious activities.

Lorenz, like many other ransomware groups, practices double extortion, exfiltrating data before encrypting systems. Active since at least February 2021, the actor targets small and medium businesses (SMBs) located in the U.S. and, to a lesser extent, in China and Mexico.

Calling it an “ever-evolving ransomware,” Cybereason noted that Lorenz “is believed to be a rebranding of the ‘.sZ40’ ransomware that was discovered in October 2020.”

The weaponization of Mitel VoIP appliances for ransomware attacks mirrors recent findings from CrowdStrike, which disclosed details of a ransomware intrusion attempt that leveraged the same tactic to achieve remote code execution against an unnamed target.

Mitel VoIP products are also a lucrative entry point because nearly 20,000 of the devices are exposed to the internet, as revealed by security researcher Kevin Beaumont, leaving them vulnerable to malicious attacks.

In one Lorenz ransomware attack investigated by Arctic Wolf, the threat actors weaponized the remote code execution flaw to establish a reverse shell and download the Chisel proxy utility.

Tags: Cyberattack, Incidents 2022, Lorenz, Mitel MiVoice, Ransomware, September 2022, Vulnerabilities