In Progress MOVEit Transfer prior to 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated malicious user to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
Vulnerable Product |
---|
progress moveit cloud |
progress moveit transfer |
MOVEit Vulnerabilities: What You Need to Know
Posted: 12 Jun, 2023 | 3 Min Read | Threat Intelligence
Symantec products guard against exploitation of vulnerabilities that are being actively exploited by cyber-crime actors.
Extortion actors have been actively exploiting a recently patched vulnerability in MOVEit Transfer, a file-transfer application that is widely used to transmit information between organizations. The nature of the ...
IT threat evolution in Q2 2023
These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data.
Quarterly figures
According to Kaspersky Security Network, in Q2 2023: Kaspersky solutions blocked 801,934,281 attacks from online resources across the globe. A total of 209,716,810 unique links were detected by Web ...
Plus: The Feds weigh in with advice, details
Clop, the ransomware crew that has exploited the MOVEit vulnerability extensively to steal corporate data, has given victims a June 14 deadline to pay up or the purloined information will be leaked. Organizations including British Airways, the BBC, and the Boots pharmacy chain in the UK have had their employees' records stolen by the Russian gang via the software flaw. It's feared thousands if not tens of thousands of workers have had their personal info swiped. Crucially, to steal the data, Clo...
Millions of people's personal info swiped, Clop leaks begin with 'Shell's stolen data'
Progress Software on Friday issued a fix for a third critical bug in its MOVEit file transfer suite, a vulnerability that had just been disclosed the day earlier. Details of the latest vulnerability, tracked as CVE-2023-35708, were made public Thursday; proof-of-concept (PoC) exploit for the flaw, now fixed today, also emerged on Thursday. A researcher who goes by the handle MCKSys Argentina confirmed to The Register that a June 16 MOVEit patch for CVE-2023-35708 mitigated the researcher's PoC e...
Microsoft blames Clop ransomware crew for theft of staff info
British Airways, the BBC, and UK pharmacy chain Boots are among the companies whose data has been compromised after miscreants exploited a critical vulnerability in deployments of the MOVEit document-transfer app. Microsoft reckons the Clop ransomware crew stole the information. British Airways, the BBC, and Boots were not hit directly. Instead, payroll services provider Zellis on Monday admitted its MOVEit installation had been exploited, and as a result "a small number of our customers" – in...
'One of the most significant hacks of recent years,' we're told
The number of victims and costs tied to the MOVEit file transfer hack continues to climb as the fallout from the massive supply chain attack enters week seven. In late May, Russian ransomware gang Clop exploited a security hole in Progress Software's MOVEit product suite to steal documents from vulnerable networks. As of today, the number of affected organizations is closing in on 400 and includes some really big names: the US Department of Energy and other federal agencies as well as huge corpor...
As another CVE is assigned
Two more organizations hit in the mass exploitation of the MOVEit file-transfer tool have been named – the Minnesota Department of Education in the US, and the UK's telco regulator Ofcom – just days after security researchers discovered additional flaws in Progress Software's buggy suite. Ofcom disclosed this week it is among the businesses and public bodies that have had their internal data stolen by crooks exploiting a MOVEit flaw. Russia's Clop ransomware crew has since claimed it has bee...
Progress Software vulnerability ID'd in enormous burglary at Ontario's BORN
Canada's Better Outcomes Registry & Network (BORN) fears a MOVEit breach allowed cybercriminals to copy 3.4 million people's childcare health records dating back more than a decade. BORN, which collates and uses information on "pregnancy, birth, the newborn period and childhood to improve care," says it became aware of the incident on May 31 and notified relevant authorities, including the Ontario Provincial Police and the province's Information and Privacy Commissioner. "During the breach, ...
Maximus plus Deloitte and Chuck E. Cheese join 500+ victim orgs
Accounting giant Deloitte, pizza and birthday party chain Chuck E. Cheese, government contractor Maximus, and the Hallmark Channel are among the latest victims that the Russian ransomware crew Clop claims to have compromised via the MOVEit vulnerability. Deloitte confirmed an intrusion but declined to answer The Register's questions about how much and what type of data was accessed in the incident. The biz now joins PwC and Ernst and Young – all three big accounting firms – among the hundred...
Security is a process, not a product. Nor a language
Memory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they're not necessarily associated with the majority of vulnerabilities that actually get exploited. So while coding with Rust can help reduce memory safety vulnerabilities, it won't fix everything. Security biz Horizon3.ai has analyzed CISA's Known Exploited Vulnerabilities in 2023 and found, as chief attack engineer Zach Hanley put it, that "Rust won’t save us, but it will help us." We feel thi...
Nearly 95M people in total snagged by flaw in file transfer tool
Just short of a year after the initial incident, the state of Georgia's higher education government agency has confirmed that it was the victim of an attack on its systems affecting the data of 800,000 people. University System of Georgia (USG), which oversees 26 higher education institutions in the state, filed a disclosure with the attorney general of Maine on Tuesday – the first time it has publicly explained the incident it detected on May 31, 2023. In a letter sent to the 800,000 victims,...