Security News

"An SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database," reads Progress's security bulletin. "An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content" - MOVEit Transfer advisory.

Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform.Today, Clop listed Siemens Energy on their data leak site, indicating that data was stolen during a breach on the company.

The New York City Department of Education says hackers stole documents containing the sensitive personal information of up to 45,000 students from its MOVEit Transfer server.The Clop ransomware gang has claimed responsibility for the CVE-2023-34362 MOVEit Transfer attacks on June 5 in a statement shared with BleepingComputer, with the cybercrime gang saying it breached the MOVEit servers of "Hundreds of companies."

The compromise of PBI Research and The Berwyn Group's MOVEit installation has resulted in the theft of data belonging to several pension systems and insurance companies - and millions of their users. The fallout from the PBI Research MOVEit compromise.

PBI Research Services has suffered a data breach with three clients disclosing that the data for 4.75 million people was stolen in the recent MOVEit Transfer data-theft attacks. In a MOVEit Security Event notice published on their website, Genworth says PBI informed them of the security breach on May 29th, 2023, and verified on June 16th that customers' personal data was stolen.

Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability discovered in the web application in less that a month. "An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content," the company said on Thursday.

Progress Software on Friday issued a fix for a third critical bug in its MOVEit file transfer suite, a vulnerability that had just been disclosed the day earlier. A researcher who goes by the handle MCKSys Argentina confirmed to The Register that a June 16 MOVEit patch for CVE-2023-35708 mitigated the researcher's PoC exploit code, which was shared in screenshot form.

Louisiana and Oregon warn that millions of driver's licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer security file transfer systems to steal stored data. The agency says there is no indication that Clop used, sold, shared, or released any of that data, so the stolen data may have been deleted as the ransomware actors promised in their announcement to delete any stolen government data.

Progress Software on Thursday disclosed a third vulnerability impacting its MOVEit Transfer application, as the Cl0p cybercrime gang deployed extortion tactics against affected companies. The company is urging all its customers to disable all HTTP and HTTPs traffic to MOVEit Transfer on ports 80 and 443 to safeguard their environments while a patch is being prepared to address the weakness.

The US Department of Energy and other federal bodies are among a growing list of organizations hit by Russians exploiting the MOVEit file-transfer vulnerability. Many orgs, including the US government, have been hit via this flaw, with Clop blamed for this mass exploitation.