incident
CACTUS Ransomware Group Executes Coordinated Attack on Two Companies via Ivanti MobileIron Sentry VulnerabilityCACTUS Ransomware Coordinated Attack
The CACTUS ransomware group exploited CVE-2023-38035 in Ivanti MobileIron Sentry within 24 hours of its disclosure to compromise two separate companies simultaneously. The attack involved data exfiltration, encryption of workstations, and subsequent encryption of virtual machines including domain controllers on both ESXi and Hyper-V hosts. Some machines protected by Bitdefender remained unharmed, while the primary security software from an undisclosed vendor was bypassed.