Zero-day vulnerability in MOVEit Transfer tool exploited in data theft attacks.
TL;DR Summary
Hackers are exploiting a zero-day vulnerability in the MOVEit Transfer file transfer software to steal data from organizations. The flaw is a SQL injection vulnerability that leads to remote code execution and does not currently have a CVE assigned to it. Cybersecurity firm Rapid7 says that the MOVEit Transfer flaw is a SQL injection vulnerability that leads to remote code execution and does not currently have a CVE assigned to it. The attacks started over the long US Memorial Day holiday when fewer staff were monitoring systems.
- New MOVEit Transfer zero-day mass-exploited in data theft attacks BleepingComputer
- Experts warn of MOVEit Transfer tool exploitation using zero-day bug The Record by Recorded Future
- Critical zero-day vulnerability in MOVEit Transfer exploited by attackers! Help Net Security
- View Full Coverage on Google News
Reading Insights
Total Reads
0
Unique Readers
0
Time Saved
5 min
vs 6 min read
Condensed
92%
1,095 → 87 words
Want the full story? Read the original article
Read on BleepingComputer