with samples on a Russian Tor site.”We’ve seen already this year that telecom is particularly vulnerable to attacks, and I think this WarLock attack highlights some recurring issues that telecom and large-scale network service providers are starting to see,” said Gabrielle Hempel, Security Operations Strategist at Exabeam. “There’s this operational ripple effect when you’re a service provider and support-layer services go down. Even though Colt claims its “core network infrastructure” is still intact, the outage of hosting, porting, and API services still disrupts customer trust and downstream operations.” Data allegedly put up for sale: The WarLock group has reportedly put the alleged documents up for sale on the forum. Along with the ransom demand of $200,000, they’ve provided sample documents as proof, raising alarm over what might be exposed if Colt doesn’t pay up.The trove reportedly includes financial records, salary data, customer contact details, internal communications, and software development blueprints.In the weeks following its discovery, the SharePoint ToolShell exploit has been weaponized in a rapidly escalating wave of attacks. High-profile victims have included the US National Nuclear Security Administration, National Institutes of Health (NIH), and Department of Homeland Security (DHS), all suffering attacks by China-linked Storm-2603 deploying Warlock ransomware.Hempel said the incident drags the focus back on patch timelines. “A SharePoint RCE or something of similar severity needs to be measured in hours, not weeks, for externally accessible systems. For critical infrastructure providers, RCE patch pipelines need to be prioritized and automated wherever possible for internet-facing services.” Notably, Microsoft had provided an incomplete patch to CVE-2025-53770 before completely sealing the flaw in July, paving the way for mass exploits in between.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4041372/uks-colt-hit-by-cyberattack-support-systems-offline-amid-ransom-threat.html
