Deployed publicly accessible MOVEit Transfer? Oh no. Mass exploitation underway
2023-06-01 23:39

Security researchers and the US government have sounded the alarm on a flaw in Progress Software's MOVEit Transfer that criminals have been "mass exploiting" for at least a month to break into IT environments and steal data.

MOVEit Transfer 2023.0.1, 2022.1.5, 2022.0.4, 2021.1.4, and 2021.0.6 are now available to fix the insecure code.

Earlier, the biz urged customers to take "immediate action" to protect their environments, including disabling all HTTP and HTTPS traffic to deployments of MOVEit Transfer.

GreyNoise said it observed netizens, possibly with nefarious motives, scanning the public internet for MOVEit Transfer deployments to exploit as early as March 3.

As of Wednesday, Rapid7 spotted about 2,500 instances of MOVEit Transfer exposed to the public internet, most of which belong to US customers.

"We strongly recommend that MOVEit Transfer customers prioritize mitigation on an emergency basis," the security team said.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/06/01/moveit_transfer_zero_day/