Security News

MOVEit Transfer zero-day attacks: The latest infoProgress Software has updated the security advisory and confirmed that the vulnerability is a SQL injection vulnerability in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!Offensive Security has released Kali Linux 2023.2, the latest version of its popular penetration testing and digital forensics platform.

There's new information about the zero-day vulnerability in Progress Software's MOVEit Transfer solution exploited by attackers and - more importantly - patches and helpful instructions for customers. The MOVEit Transfer zero-day and updated mitigation and remediation advice.

A critical flaw in Progress Software's in MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to take over vulnerable systems."An SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database," the company said.

Security researchers and the US government have sounded the alarm on a flaw in Progress Software's MOVEit Transfer that criminals have been "Mass exploiting" for at least a month to break into IT environments and steal data. There's now MOVEit Transfer 2023.0.1, 2022.1.5, 2022.0.4, 2021.1.4, and 2021.0.6 available to fix the insecure code.

A critical zero-day vulnerability in Progress Software's enterprise managed file transfer solution MOVEit Transfer is being exploited by attackers to grab corporate data. " could lead to escalated privileges and potential unauthorized access to the environment," the company warned on Wednesday, and advised customers to take action to protect their MOVEit Transfer environment, "While our team produces a patch."

Hackers are actively exploiting a zero-day vulnerability in the MOVEit Transfer file transfer software to steal data from organizations. MOVEit Transfer is a managed file transfer solution developed by Ipswitch, a subsidiary of US-based Progress Software Corporation, that allows the enterprise to securely transfer files between business partners and customers using SFTP, SCP, and HTTP-based uploads.