The MOVEit Ransomware Attack: Vulnerabilities and Extortion Efforts.
Originally Published 2 years ago — by TechSpot
Progress Software's managed file transfer application, Moveit, has been hit by a third vulnerability, CVE-2023-35708, which allows hackers to gain unauthorized access to its database. The vulnerability joins two previously reported issues, CVE-2023-34362 and CVE-2023-35036. More than 3,000 hosts are running the software, with over 30% in the financial services industry. Progress Software recommends users and hosts patch the product and mitigate the vulnerabilities immediately. Researchers believe the Clop ransomware gang has been aware of the vulnerability since 2021.