Infosec outfit Qualys, its cloud-based vuln detection tech, and its SSL server test webpage, have seemingly fallen victim to a ransomware attack.
Files appearing to originate from Qualys were dumped online this afternoon on the Tor blog of the Clop criminal extortionists.
While Qualys declined to comment immediately, a spokeswoman said the company was aware of the incident and investigating.
While we’re not reproducing those files here because doing so merely fuels the extortionists’ purpose, they appeared to include purchase orders, results of scans of customer appliances and quotations. The nature of the files suggests they were stolen from the admin side of the Qualys business rather than its infosec side.
Ransomware gang specialist Brett Callow, of infosec biz Emsisoft, told The Register: “Entities that have had dealings with Qualys should be on high alert.”
The incident will be hugel ..
Support the originator by clicking the read the rest link below.
