Security News

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims
2023-06-06 10:37

The fallout of the MOVEit Transfer hack via CVE-2023-34362 by the Cl0p gang is expanding, as several UK-based companies have now confirmed that some of their data has been stolen. Caitlin Condon, Senior Manager of Security Research at Rapid7, told Help Net Security that the company has responded to MOVEit Transfer alerts across a wide range of organizations, from small businesses to enterprises with tens of thousands of assets.

Clop ransomware claims responsibility for MOVEit extortion attacks
2023-06-05 21:27

The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was exploited to breach multiple companies' servers and steal data. Conducting attacks around holidays is a common tactic for the Clop ransomware operation, which has previously undertaken large-scale exploitation attacks during holidays when staff is at a minimum.

MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do…
2023-06-05 19:59

Last week, Progress Software Corporation, which sells software and services for user interface developement, devops, file management and more, alerted customers of its MOVEit Transfer product about a critical vulnerability dubbed CVE-2023-34362. If the backend data is stored in a SQL database, the web server might convert that URL into a SQL command like the one shown below.

British Airways, Boots, BBC payroll data stolen in MOVEit supply-chain attack
2023-06-05 19:29

British Airways, the BBC, and UK pharmacy chain Boots are among the companies whose data has been compromised after miscreants exploited a critical vulnerability in deployments of the MOVEit document-transfer app. Instead, payroll services provider Zellis on Monday admitted its MOVEit installation had been exploited, and as a result "a small number of our customers" - including the aforementioned British trio - had their information stolen.

Microsoft links Clop ransomware gang to MOVEit data-theft attacks
2023-06-05 12:54

Microsoft has linked the Clop ransomware gang to recent attacks exploiting a zero-day vulnerability in the MOVEit Transfer platform to steal data from organizations. "Microsoft is attributing attacks exploiting the CVE-2023-34362 MOVEit Transfer 0-day vulnerability to Lace Tempest, known for ransomware operations & running the Clop extortion site," the Microsoft Threat Intelligence team tweeted Sunday night.

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App
2023-06-05 12:03

Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. "Exploitation is often followed by deployment of a web shell with data exfiltration capabilities," the Microsoft Threat Intelligence team said in a series of tweets today.

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)
2023-06-05 11:56

The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software's MOVEit Transfer installations finally has an identification number: CVE-2023-34362. Microsoft is attributing the initial attacks to the Cl0p ransomware group.

CISA orders govt agencies to patch MOVEit bug used for data theft
2023-06-04 15:14

CISA has added an actively exploited security bug in the Progress MOVEit Transfer managed file transfer solution to its list of known exploited vulnerabilities, ordering U.S. federal agencies to patch their systems by June 23. The critical flaw is an SQL injection vulnerability that enables unauthenticated, remote attackers to gain access to MOVEit Transfer's database and execute arbitrary code.

Week in review: MOVEit Transfer critical zero-day vulnerability, Kali Linux 2023.2 released
2023-06-04 08:00

MOVEit Transfer zero-day attacks: The latest infoProgress Software has updated the security advisory and confirmed that the vulnerability is a SQL injection vulnerability in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!Offensive Security has released Kali Linux 2023.2, the latest version of its popular penetration testing and digital forensics platform.

MOVEit Transfer zero-day attacks: The latest info
2023-06-02 09:26

There's new information about the zero-day vulnerability in Progress Software's MOVEit Transfer solution exploited by attackers and - more importantly - patches and helpful instructions for customers. The MOVEit Transfer zero-day and updated mitigation and remediation advice.