Security News

Over 5 million records from 25 organizations posted to black hat forum Amazon employees' data is part of a stolen trove posted to a cybercrime forum linked to last year's MOVEit vulnerability.…

The SEC concludes its investigation into Progress Software's handling of the widespread exploitation of a MOVEit Transfer zero-day flaw that exposed data of over 95 million people. [...]

Open-source Rafel RAT steals info, locks Android devices, asks for ransomThe open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state. Future trends in cyber warfare: Predictions for AI integration and space-based operationsIn this Help Net Security interview, Morgan Wright, Chief Security Advisor at SentinelOne, discusses how AI is utilized in modern cyber warfare by state and non-state actors.

A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed....

Threat actors are already trying to exploit a critical authentication bypass flaw in Progress MOVEit Transfer, less than a day after the vendor disclosed it. MOVEit Transfer is a managed file transfer solution used in enterprise environments to securely transfer files between business partners and customers using the SFTP, SCP, and HTTP protocols.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Information regarding which content is presented to you and how you interact with it can be used to determine whether the content e.g. reached its intended audience and matched your interests.

Progress Software has patched one critical and one high-risk vulnerability in MOVEit, its widely used managed file transfer software product. CVE-2024-5805 is an improper authentication vulnerability in MOVEit Gateway, which serves as a proxy so that MOVEit Transfer - the actual managed file transfer software - can receive inbound connections when deployed behind a firewall.

The University System of Georgia is sending data breach notifications to 800,000 individuals whose data was exposed in the 2023 Clop MOVEit attacks. The Clop ransomware gang leveraged a zero-day vulnerability in Progress Software MOVEit Secure File Transfer solution in late May 2023 to conduct a massive worldwide data theft campaign.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks.Earlier this year, the Clop ransomware gang exploited a zero-day MoveIT vulnerability to breach thousands of organizations worldwide, following up with double extortion and data leaks impacting millions of people.