Security News

Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability discovered in the web application in less that a month. "An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content," the company said on Thursday.

A security flaw has been uncovered in the WooCommerce Stripe Gateway WordPress plugin that could lead to the unauthorized disclosure of sensitive information. WooCommerce Stripe Gateway allows e-commerce websites to directly accept various payment methods through Stripe's payment processing API. It boasts of over 900,000 active installations.

As more victim organizations of Cl0p gang's MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data. Rapid7 has released an analysis of the vulnerability and a full exploit chain for CVE-2023-34362.

Fortinet on Monday disclosed that a newly patched critical flaw impacting FortiOS and FortiProxy may have been "Exploited in a limited number of cases" in attacks targeting government, manufacturing, and critical infrastructure sectors. The vulnerability, tracked as CVE-2023-27997, concerns a heap-based buffer overflow vulnerability in FortiOS and FortiProxy SSL-VPN that could allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.

Infosec in brief Security firms helping Progress Software dissect the fallout from a ransomware attack against its MOVEit file transfer suite have discovered more issues that the company said could be used to stage additional exploits. The newly discovered exploits are distinct from the issue reported earlier, and as such another patch for MOVEit Transfer and MOVEit Cloud have been issued to fix this latest discovered bug.

Details have emerged about a now-patched actively exploited security flaw in Microsoft Windows that could be abused by a threat actor to gain elevated privileges on affected systems. "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft disclosed in an advisory issued last month as part of Patch Tuesday updates.

The U.S. Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation have published a joint advisory regarding the active exploitation of a recently disclosed critical flaw in Progress Software's MOVEit Transfer application to drop ransomware. "The Cl0p Ransomware Gang, also known as TA505, reportedly began exploiting a previously unknown SQL injection vulnerability in Progress Software's managed file transfer solution known as MOVEit Transfer," the agencies said.

VMware issued multiple security patches today to address critical and high-severity vulnerabilities in VMware Aria Operations for Networks, allowing attackers to gain remote execution or access sensitive information. Previously known as vRealize Network Insight, this network visibility and analytics tool helps admins optimize network performance or manage and scale various VMware and Kubernetes deployments.

MOVEit is managed file transfer software from Progress, an application development and digital experience technologies provider. Aspx is the native file used by MOVEit Transfer for its web interface.

Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild.Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine.