The GoAnywhere zero-day vulnerability used by the Clop ransomware group to infect the City of Toronto is yet another victim.
A spokesman for the City of Toronto verified the hack after hearing about it via BleepingComputer.
The incident was the subject of an investigation by the city government to see how serious the security lapse was.
The access is only permitted for files that cannot be transferred securely to a third party.
Source: https://securityaffairs.com/143938/breaking-news/city-of-toronto-clop-ransomware.html
TPRM report: https://scoringcyber.rankiteo.com/company/city-of-toronto
"id": "cit34121023",
"linkid": "city-of-toronto",
"type": "Ransomware",
"date": "03/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Public Administration',
'location': 'Toronto, Canada',
'name': 'City of Toronto',
'type': 'Government'}],
'attack_vector': 'Zero-Day Vulnerability',
'description': 'The GoAnywhere zero-day vulnerability was used by the Clop '
'ransomware group to infect the City of Toronto.',
'investigation_status': 'Ongoing',
'motivation': 'Financial Gain',
'ransomware': {'ransomware_strain': 'Clop'},
'references': [{'source': 'BleepingComputer'}],
'threat_actor': 'Clop Ransomware Group',
'title': 'GoAnywhere Zero-Day Vulnerability Exploited by Clop Ransomware '
'Group',
'type': 'Ransomware',
'vulnerability_exploited': 'GoAnywhere Zero-Day Vulnerability'}