MOVEit
Getting rid of a 20+ year old known vulnerability: It’s like a PSA for Runtime Security
On Wednesday, March 27, CISA and the FBI issued a cry for help: We need to stamp out SQL injection vulnerabilities, and we need to do it yesterday, they said in a ...
Stupid Human Tricks: Top 10 Cybercrime Cases of 2023
Mark Rasch examines 2023 cybercrime cases that appear to be the most impactful—not the most extensive or expensive—just the most “interesting.” ...
SEC is Investigating Progress Software in Wake of MOVEit Attacks
Progress Software is now adding an investigation by the U.S. Securities and Exchange Commission to its growing list of legal and financial headaches stemming from the massive hack of its MOVEit file ...
Data Breaches from MOVEit Zero-Day Still Piling Up
Cybercrime groups exploiting the zero-day flaw in the MOVEit managed file transfer software linked to the Cl0p ransomware gang continue to rack up victims, with the National Student Clearinghouse non-profit group and ...
Detecting the MOVEit Zero-Day: How MixMode AI Stays Ahead of Threats
We discuss a real-life example of a zero-day exploit, focusing on the MOVEit Transfer Software, and how MixMode can detect and mitigate such threats before they become widespread ...
Widespread Exploitation Continues: MOVEit CVE-2023-34362 Leaves Organizations at Risk
MOVEit CVE-2023-34362 is a Critical SQL Injection vulnerability rated 9.8. It affects all versions of Progress Software’s managed file transfer (MFT) solution, MOVEit Transfer. This vulnerability has the potential to grant unauthorized access ...
MOVEit Cyberattack, The Problem with Password Rotations, Military Alert on Free Smartwatches
Several major organizations, including British Airways and the BBC, fell victim to the recent MOVEit cyberattack. We discuss the alarming trend of hackers targeting trusted suppliers to gain access to customer data, ...
A look into the file-transfer attack (and how to protect your data)
A discussion of recent Fortra, Accellion, and Progress Software file transfer attacks and the security measures that could be used to prevent them. The post A look into the file-transfer attack (and ...
US Gov’t Puts $10M Bounty on CL0P as MOVEit Fallout Continues
The U.S. State Department is offering a $10 million bounty for information related to the Cl0p ransomware gang, which is thought to be behind the MOVEit Transfer vulnerabilities ...
MOVEit Attack Strikes US and State Governments
A global attack campaign fueled by a vulnerability in MOVEit Transfer, a popular file transfer application, has now struck the U.S. Department of Energy, several other U.S. agencies and a spate of ...