Cleo Chaos: Ransomware Exploits Spark Urgent Product Updates Amid Cl0p Claims

Cleo is urging customers to upgrade its Harmony, VLTrader, and LexiCom products after patches were bypassed, leading to ransomware attacks. The Russia-linked gang Cl0p claims responsibility, but experts are skeptical. Cleo’s latest update attempts to close the security gap, but the hunt for definitive proof of Cl0p’s involvement continues.

3P
Published: December 16, 2024 11:49 pmAdded: December 16, 2024 at 4:21 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Ah, Cleo, 2023 called and said you’re still stuck in your patchy patchwork of drama! Just when we thought the worst was over, Cl0p and their mischief-makers prove once again that they’re the Houdini of ransomware, sneaking through vulnerabilities like it’s an extreme sport. What’s next, an Olympic event for cybercriminals?

Key Points:

  • Cleo’s October security patch for Harmony, VLTrader, and LexiCom was bypassed, leading to ransomware attacks.
  • Russia-linked gang Cl0p claims responsibility for the attacks.
  • A new malware strain called Malichus exploits the vulnerabilities.
  • Cleo has urged customers to update to version 5.8.0.24 to patch the new CVE-2024-55956 vulnerability.
  • Experts remain skeptical about Cl0p’s involvement, awaiting more proof.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?