July Threat Research Lab Update – cl0p Decides to MOVEIT


This month’s deep dive will go into the recent ransomware activity regarding MOVEit Transfer 0-day (CVE-2023-34362) and GoAnywhere MFT, which is a CL0P ransomware from an affiliate called Lace Tempest.

Watch to gain valuable insights:

  • The phases of intrusion
  • The Threat Actor Profile (Who did it, motivations, origin, why they choose the targets)
  • What happened and how the actor propagated
  • How Cymulate detected the propagation and replicated it
  • What to do in the future

About the Threat Research Lab Updates:

Each month, Mike DeNapoli, Cybersecurity Architect, and Dan Lisichkin, Threat Intelligence Expert & Infosec Researcher dive into the attacker tools emerging as the most prolific and highest risk in the threat landscape. We’ll showcase a few that stand out from our continuous examination of the threat landscape and research performed by our highly experienced and diverse researchers. We’ll evaluate how these tools work, the phases of intrusion, the threat actor profile (who did it, motivations, origin, why they chose their targets), and how the attack propagated. Furthermore, we’ll provide clear demonstrations of how we detected and replicated the attack propagation using the advanced capabilities of the Cymulate platform.