MOVEit Transfer app during Cl0p ransomware mass attack.
Progress Software revealed a third vulnerability in MOVEit Transfer app while the Cl0p cybercrime group targeted affected companies with extortion tactics,
The newly discovered flaw in MOVEit Transfer app involves an SQL injection vulnerability that could result in escalated privileges and unauthorized access to the system.
To protect their systems, the company advises customers to temporarily disable HTTP and HTTPS traffic on ports 80 and 443 for MOVEit Transfer until a patch is released to address the vulnerability.
From other source.
Just last week, Progress Software disclosed SQL injection vulnerabilities (CVE-2023-35036) that could allow unauthorized access to the database content of the application. Now, they have uncovered yet another vulnerability in the MOVEit Transfer app.
The Clop ransomware gang has not only exploited the CVE-2023-34362 vulnerability for data theft attacks, but they have also discovered two new vulnerabilities. The Lace Tempest group has been testing one of these vulnerabilities since July 2021. According to a report
The Cl0p group has posted a list on the darknet leak portal, stating that they hacked 27 companies, including the Department of Energy and other U.S. federal agencies, by exploiting the MOVEit Transfer flaw. This revelation coincides with the recent vulnerability discovery report form
ReliaQuest reports that the number of potentially breached organizations is much higher than the previous Fortra GoAnywhere MFT campaign exploited by Clop.
According to Censys, a web-based search platform, said out of over 1,400 exposed hosts running MOVEit, approximately 31% belong to the financial services industry, 16% to healthcare, 9% to information technology, and 8% to government and military sectors. Furthermore, nearly 80% of these servers are located in the United States,
According to Kaspersky’s analysis of 97 malware families spread through the malware-as-a-service (MaaS) business model from 2015 to 2022, ransomware holds the highest share at 58%, followed by information stealers at 24%, and botnets, loaders, and backdoors at 18%.
Kaspersky states that money is the driving force behind cybercrime, and the MaaS schemes enable less technically skilled attackers to engage in such activities, thus making it easier to carry out attacks, reports from
If you found the article interesting, I encourage you to explore more exclusive content on our website. We regularly post engaging and informative articles for our readers to enjoy.