Security News > 2023 > June > Hold it – another vulnerability found in MOVEit file transfer software

Infosec in brief Security firms helping Progress Software dissect the fallout from a ransomware attack against its MOVEit file transfer suite have discovered more issues that the company said could be used to stage additional exploits.

The newly discovered exploits are distinct from the issue reported earlier, and as such another patch for MOVEit Transfer and MOVEit Cloud have been issued to fix this latest discovered bug.

The original attack - which targeted high-profile companies like British Airways, the BBC and Boots - exploits a SQL injection vulnerability in the MOVEit document transfer app to gain access to environments and exfiltrate data.

Clop, the Russian ransomware gang behind the MOVEit supply chain ransomware attack, likely knew about the bug as far back as 2021, claims risk analysis firm Kroll.

According to Kroll's forensic review of Microsoft Internet Information Services logs from clients affected by Clop's MOVEit attack, "Observed activity consistent with MOVEit Transfer exploitation" was picked up in multiple client environments in April 2022, and in some as early as July '21.

This week's highlight of critical vulnerabilities kicks off with VMware's Aria Operations for Networks network monitoring tool, which contains a trio of sequentially filed CVE-numbered vulnerabilities that can be used to execute remote code and perform command injection attacks to steal information.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/06/12/security_in_brief/