Clop is back to wreak havoc via vulnerable file-transfer software | CyberScoop<\/title> <meta name=\"description\" content=\"Clop has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, a IT company that sells enterprise software.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/clop-cleo-file-transfer-software-breach-fin11\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Clop is back to wreak havoc via vulnerable file-transfer software\"> <meta property=\"og:description\" content=\"Clop has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, a IT company that sells enterprise software.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/clop-cleo-file-transfer-software-breach-fin11\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-12-17T19:33:25+00:00\"> <meta property=\"article:modified_time\" content=\"2024-12-17T19:46:12+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg\"> <meta property=\"og:image:width\" content=\"8567\"> <meta property=\"og:image:height\" content=\"4500\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Greg Otto\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:title\" content=\"Clop is back to wreak havoc via vulnerable file-transfer software\"> <meta name=\"twitter:creator\" content=\"@gregotto\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1732206022g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1730999764g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1732010462g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=ddc036fa194c40cf406f\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/82924\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.7.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=82924\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fclop-cleo-file-transfer-software-breach-fin11%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fclop-cleo-file-transfer-software-breach-fin11%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-82924 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/clop-cleo-file-transfer-software-breach-fin11\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \">\n<div class=\"single-article__header-content\" readability=\"30.953488372093\">  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/82924\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"336\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software.jpg?resize=640%2C336&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg 8567w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg?resize=300,158 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg?resize=768,403 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg?resize=1024,538 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg?resize=1536,807 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg?resize=2048,1076 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg?resize=600,315 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg?resize=1200,630 1200w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-2.jpg?resize=1500,788 1500w\" sizes=\"(max-width: 1200px) 100vw, 1200px\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"44.329044117647\"><body readability=\"89.378820960699\"><\/p>\n<p>In what we can assure you is a new cybersecurity incident despite sounding incredibly similar to incidents of past notoriety: threat actors tied to a notorious ransomware and extortion group have exploited file-transfer software to carry out attacks. <\/p>\n<p>Clop has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT company that sells various types of enterprise software. The vulnerabilities, which affected Cleo\u2019s LexiCom, VLTrader, and Harmony products, have led to worries that sensitive data across various industries could be swiped by the group in a repeat of some of the most damaging security incidents of the past few years. <\/p>\n<p>The cybersecurity community was first alerted of the threat earlier this month when Huntress Labs identified that threat actors were <a href=\"https:\/\/www.huntress.com\/blog\/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild\">exploiting Cleo\u2019s software en masse<\/a>. The flaw, catalogued as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-50623\">CVE-2024-50623<\/a>, is an unrestricted file upload and download vulnerability that could lead to remote code execution. Cleo originally released fixes for CVE-2024-50623 in October, but the company <a href=\"https:\/\/support.cleo.com\/hc\/en-us\/articles\/27140294267799-Cleo-Product-Security-Advisory-CVE-2024-50623\">issued another patch last week<\/a> to further fix the issue. <\/p>\n<p>Shortly thereafter, a new critical vulnerability was identified (CVE-2024-55956), allowing unauthenticated users to execute code through the Autorun directory. Cleo quickly <a href=\"https:\/\/support.cleo.com\/hc\/en-us\/articles\/28408134019735-Cleo-Product-Security-Update-CVE-2024-55956\">issued another patch<\/a>. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>While the exact number of exploited systems remains unclear, cybersecurity firm Rapid7 <a href=\"https:\/\/www.rapid7.com\/blog\/post\/2024\/12\/10\/etr-widespread-exploitation-of-cleo-file-transfer-software-cve-2024-50623\/\">cited a discernible uptick<\/a> in compromised endpoints received via its customer telemetry..Huntress said in its initial research blog that approximately 10 businesses were attacked via the vulnerability, notably impacting sectors such as consumer products, food, and shipping. <\/p>\n<p>According to Shodan, a search engine that scans IP addresses to find and access devices and systems connected to the internet, there were 390 exposed systems with the affected Cleo software as of this article\u2019s publication. Cleo\u2019s customer base spans around 4,200 organizations.<\/p>\n<p>Last weekend, Clop published a blog post on its data leak site claiming responsibility for the attacks. <\/p>\n<figure class=\"wp-block-image size-full\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software.png?w=640&ssl=1\" alt class=\"wp-image-82925\"><figcaption class=\"wp-element-caption\">A post on X that shows a screenshot from Clop\u2019s data leak site. (X\/Scoop News Group)<\/figcaption><\/figure>\n<p><a href=\"https:\/\/cyberscoop.com\/tag\/moveit-transfer\/\">Clop has made a name for itself<\/a> via vulnerabilities in this particular type of software, most notably related to the MoveIT breach in 2023. In May 2023, hackers with Clop exploited <a href=\"https:\/\/www.mandiant.com\/resources\/blog\/zero-day-moveit-data-theft\">a previously undetected vulnerability<\/a> in MOVEit software, which the group used to attack \u201chundreds of companies\u201d as \u201cpart of exceptional exploit.\u201d The exploit, which allowed the group to steal data via supply chain attacks, affected thousands of companies. Some risk management firms have stated that the attack is estimated to have <a href=\"https:\/\/orx.org\/resource\/moveit-transfer-data-breaches#:~:text=According%20to%20the%20average%20cost,up%20to%20USD%2012.15%20billion.\">cost companies a combined $12.15 billion<\/a>. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The hacking group was also responsible for attacks related to similar software, including Fortra\u2019s GoAnywhere MFT and Accelion\u2019s file-transfer software. <\/p>\n<p>Several cybersecurity experts told CyberScoop that the activity tied to Cleo\u2019s software is the first time the group has surfaced since the MOVEit breach, indicating that Clop has been squarely focused on finding vulnerabilities in file-transfer software. <\/p>\n<p>\u201cIt is plausible that Clop had prior knowledge of several vulnerabilities in the CLEO platform, enabling the group to breach and extract data from victim organizations systematically long before the vendor issued any public security advisory,\u201d said a spokesperson for Intel471, a Texas-based threat intelligence company. \u201cBy timing their public disclosures and media engagement, the group likely intends to maximize the pressure on victims and amplify the overall impact of these attacks.\u201d<\/p>\n<p>Kimberly Goody, head of cyber crime analysis for Mandiant Google Cloud, told CyberScoop it is possible that the Cleo incidents show the threat actors, which the company tracks as FIN11, may have learned from the MOVEit breach and refined their techniques. <\/p>\n<p>\u201cCurrent evidence suggests that this may not have been a smash-and-grab as we observed with the MoveIt attack,\u201d Goody said. \u201cThe targeting of these systems in the past has often not resulted in additional post-compromise activity other than the data theft and extortion; however, we have observed beacon deployment which could signal that the threat actors may have intended to also deploy ransomware.\u201d <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The Cybersecurity and Infrastructure Agency added one of the Cleo vulnerabilities to its <a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">Known Exploited Vulnerabilities list<\/a> Tuesday, stating the addition is \u201cbased on evidence of active exploitation.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.9327086882453\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software-1.jpg?w=640&ssl=1\" alt=\"Greg Otto\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Greg Otto<\/h4>\n<p> Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/clop-cleo-file-transfer-software-breach-fin11\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Clop is back to wreak havoc via vulnerable file-transfer software<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3350,322,282,3351,3352,646,324,3353,288,643],"tags":[3354,326,286,3355,3356,650,328,3357,294,645],"class_list":["post-6656","post","type-post","status-publish","format-standard","hentry","category-cleo","category-clop","category-cybercrime","category-huntress-labs","category-intel-471","category-mandiant","category-moveit-transfer","category-rapid7","category-threats","category-vulnerabilities","tag-cleo","tag-clop","tag-cybercrime","tag-huntress-labs","tag-intel-471","tag-mandiant","tag-moveit-transfer","tag-rapid7","tag-threats","tag-vulnerabilities"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cleo\/\" rel=\"category tag\">cleo<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/clop\/\" rel=\"category tag\">Clop<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/huntress-labs\/\" rel=\"category tag\">Huntress Labs<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/intel-471\/\" rel=\"category tag\">Intel 471<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/mandiant\/\" rel=\"category tag\">Mandiant<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/moveit-transfer\/\" rel=\"category tag\">MOVEit Transfer<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/rapid7\/\" rel=\"category tag\">Rapid7<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerabilities\/\" rel=\"category tag\">vulnerabilities<\/a>","tag_info":"vulnerabilities","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6656","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=6656"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6656\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=6656"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=6656"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=6656"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":6656,"date":"2024-12-17T13:33:25","date_gmt":"2024-12-17T19:33:25","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=82924"},"modified":"2024-12-17T13:33:25","modified_gmt":"2024-12-17T19:33:25","slug":"clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/12\/17\/clop-is-back-to-wreak-havoc-via-vulnerable-file-transfer-software\/","title":{"rendered":"Clop is back to wreak havoc via vulnerable file-transfer software"},"content":{"rendered":"