Security News > 2023 > June > Third Flaw Uncovered in MOVEit Transfer App Amidst Cl0p Ransomware Mass Attack

Progress Software on Thursday disclosed a third vulnerability impacting its MOVEit Transfer application, as the Cl0p cybercrime gang deployed extortion tactics against affected companies.
The company is urging all its customers to disable all HTTP and HTTPs traffic to MOVEit Transfer on ports 80 and 443 to safeguard their environments while a patch is being prepared to address the weakness.
The vulnerabilities join CVE-2023-34362, which was exploited as a zero-day by the Clop ransomware gang in data theft attacks.
The development also coincides with the Cl0p actors listing the names of 27 companies that it claimed were hacked using the MOVEit Transfer flaw on its darknet leak portal.
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security.
"Money is the root of all evil, including cybercrime," the Russian cybersecurity company said, adding the MaaS schemes allow less technically proficient attackers to enter the fray, thereby lowering the bar for carrying out such attacks.
News URL
https://thehackernews.com/2023/06/third-flaw-uncovered-in-moveit-transfer.html
Related news
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-02 | CVE-2023-34362 | SQL Injection vulnerability in Progress Moveit Cloud and Moveit Transfer In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. | 9.8 |