"MOVEit Transfer Software Continues to Face New Vulnerabilities and Patches"
Progress Software has issued another patch for its MOVEit file transfer suite after cybersecurity firm Huntress discovered more vulnerabilities that could be exploited. The original attack, which targeted high-profile companies like British Airways, the BBC and Boots, exploited a SQL injection vulnerability in the MOVEit document transfer app to gain access to environments and exfiltrate data. Meanwhile, the FBI's decision to seed a compromised secure messaging app into the criminal underworld five years ago is still paying dividends, with US officials offering a $5m reward for the apprehension of one of the duped criminals who sold access to the compromised comms system.
- Hold it – more vulnerabilities found in MOVEit file transfer software The Register
- New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward SecurityWeek
- Progress Software releases patch for second MOVEit Transfer vulnerability ComputerWeekly.com
- Experts found new MOVEit Transfer SQL Injection flaws Security Affairs
- Progress issues new patch for MOVEit Transfer after more vulnerabilities found SC Media
Reading Insights
0
1
4 min
vs 5 min read
88%
868 → 102 words
Want the full story? Read the original article
Read on The Register