Security News > 2023 > June > Third Flaw Uncovered in MOVEit Transfer App Amidst Cl0p Ransomware Mass Attack
Progress Software on Thursday disclosed a third vulnerability impacting its MOVEit Transfer application, as the Cl0p cybercrime gang deployed extortion tactics against affected companies.
The company is urging all its customers to disable all HTTP and HTTPs traffic to MOVEit Transfer on ports 80 and 443 to safeguard their environments while a patch is being prepared to address the weakness.
The vulnerabilities join CVE-2023-34362, which was exploited as a zero-day by the Clop ransomware gang in data theft attacks.
The development also coincides with the Cl0p actors listing the names of 27 companies that it claimed were hacked using the MOVEit Transfer flaw on its darknet leak portal.
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security.
"Money is the root of all evil, including cybercrime," the Russian cybersecurity company said, adding the MaaS schemes allow less technically proficient attackers to enter the fray, thereby lowering the bar for carrying out such attacks.
News URL
https://thehackernews.com/2023/06/third-flaw-uncovered-in-moveit-transfer.html
Related news
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- BlackLock ransomware claims nearly 50 attacks in two months (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Sensata Technologies hit by ransomware attack impacting operations (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2023-34362 | SQL Injection vulnerability in Progress Moveit Cloud and Moveit Transfer In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. | 9.8 |