Progress Software

All articles tagged with #progress software

"Critical Vulnerabilities in File Transfer Tools Pose Major Cybersecurity Threats"

Originally Published 2 years ago — by BleepingComputer

Source: BleepingComputer

Progress Software has issued a warning to its customers to patch a maximum severity vulnerability in its WS_FTP Server software, which is used by thousands of IT teams worldwide. The vulnerability allows unauthenticated attackers to execute remote commands and perform file operations outside the authorized WS_FTP folder path. Progress is still dealing with the aftermath of data theft attacks on its MOVEit Transfer platform, with over 2,100 organizations and 62 million individuals affected. The Clop ransomware gang is expected to collect an estimated $75-100 million in ransom payments.

Rising Concerns: MOVEit Transfer Software Faces Multiple Critical Flaws and Breaches

Originally Published 2 years ago — by The Hacker News

Source: The Hacker News

Progress Software has patched a critical SQL injection vulnerability, CVE-2023-36934, in its MOVEit Transfer software, which could allow unauthenticated attackers to gain unauthorized access to the database. This vulnerability is particularly dangerous as it can be exploited without valid credentials. Two other high-severity vulnerabilities, CVE-2023-36932 and CVE-2023-36933, have also been addressed in the update. Users are advised to update to the latest version of MOVEit Transfer to mitigate the risks associated with these vulnerabilities.

MOVEit Vulnerabilities Expose Organizations to Ransomware Attacks.

Originally Published 2 years ago — by Help Net Security

Source: Help Net Security

Progress Software has fixed a third SQL injection vulnerability (CVE-2023-35708) in its MOVEit Transfer web application, which could lead to escalated privileges and unauthorized access. The Cl0p cyber extortion gang exploited a previous vulnerability (CVE-2023-34362) to grab enterprise data and has started disclosing the names of victim organizations, including Shell, banks, media companies, and universities. Progress Software has urged customers to update their MOVEit Transfer installations to the latest versions to fix the vulnerability.

The MOVEit Ransomware Attack: Vulnerabilities and Extortion Efforts.

Originally Published 2 years ago — by TechSpot

Source: TechSpot

Progress Software's managed file transfer application, MOVEit, has been hit by a third vulnerability, CVE-2023-35708, which allows hackers to gain unauthorized access to its database. The vulnerability joins two previously reported issues, CVE-2023-34362 and CVE-2023-35036. More than 3,000 hosts are running the software, with over 30% in the financial services industry. Progress Software recommends users and hosts patch the product and mitigate the vulnerabilities immediately. Researchers believe the Clop ransomware gang has been aware of the vulnerability since 2021.

MOVEit Vulnerability Patched After Public Exploit Disclosure

Originally Published 2 years ago — by The Register

Source: The Register

Progress Software has issued a patch for a third critical vulnerability in its MOVEit file transfer suite, CVE-2023-35708, which was disclosed a day earlier. A proof-of-concept exploit for the flaw was also made public on the same day. The vulnerability is another SQL injection flaw that could allow an unauthenticated attacker to break into organizations' MOVEit Transfer database and steal its content. The Clop ransomware gang has exploited MOVEit's security shortcomings to steal data from organizations, with Shell reportedly becoming the first organization to have its stolen data published on the Clop leak site.

MOVEit Transfer App Faces Third Flaw Amidst Ransomware Attack and Cyberattacks on US Banks and Universities.

Originally Published 2 years ago — by The Hacker News

Source: The Hacker News

Progress Software has disclosed a third vulnerability in its MOVEit Transfer application, which is yet to be assigned a CVE identifier, that could lead to escalated privileges and potential unauthorized access to the environment. The Cl0p ransomware gang has been deploying extortion tactics against affected companies, and the vulnerability has been exploited in data theft attacks. Progress Software is urging its customers to disable all HTTP and HTTPS traffic to MOVEit Transfer on ports 80 and 443 to safeguard their environments while a patch is being prepared to address the weakness.

"MOVEit Transfer Software Continues to Face New Vulnerabilities and Patches"

Originally Published 2 years ago — by The Register

Source: The Register

Progress Software has issued another patch for its MOVEit file transfer suite after cybersecurity firm Huntress discovered more vulnerabilities that could be exploited. The original attack, which targeted high-profile companies like British Airways, the BBC and Boots, exploited a SQL injection vulnerability in the MOVEit document transfer app to gain access to environments and exfiltrate data. Meanwhile, the FBI's decision to seed a compromised secure messaging app into the criminal underworld five years ago is still paying dividends, with US officials offering a $5m reward for the apprehension of one of the duped criminals who sold access to the compromised comms system.

MOVEit Transfer Vulnerabilities: Experts Discover New Flaws and Warn of Lingering Impact.

Originally Published 2 years ago — by Security Affairs

Source: Security Affairs

Progress Software has released security updates to fix new SQL injection vulnerabilities in the MOVEit Transfer application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. All versions of MOVEit Transfer are affected by these vulnerabilities. The vulnerabilities were discovered by researchers from the cybersecurity firm Huntress. The Clop ransomware gang claims to have hacked hundreds of companies by exploiting a previous MOVEit Transfer vulnerability. Progress Software is not aware of attacks in the wild exploiting these new vulnerabilities.

MOVEit Transfer faces multiple critical vulnerabilities, urgent patching required.

Originally Published 2 years ago — by BleepingComputer

Source: BleepingComputer

Progress Software has warned customers of newly discovered critical SQL injection vulnerabilities in its MOVEit Transfer managed file transfer solution that can allow attackers to steal information from customers' databases. The security bugs were discovered with the help of cybersecurity firm Huntress following detailed code reviews initiated by Progress on May 31. The vulnerabilities affect all MOVEit Transfer versions and enable unauthenticated attackers to compromise Internet-exposed servers to alter or extract customer information. Progress has released a patch for the vulnerabilities and urges all customers to apply it immediately. The Clop ransomware gang has claimed responsibility for targeting a MOVEit Transfer zero-day vulnerability, which led to a series of data-theft attacks that have allegedly affected "hundreds of companies."

Ransomware Gang Exploits MOVEit Transfer Vulnerability for Cyberattacks.

Originally Published 2 years ago — by The Hacker News

Source: The Hacker News

The Cl0p ransomware gang has been exploiting a critical flaw in Progress Software's MOVEit Transfer application to drop ransomware. The gang has issued an ultimatum to several impacted businesses, urging them to get in touch by June 14, 2023, or risk getting all their stolen data published. The abuse of CVE-2023-34362, an SQL injection flaw in MOVEit Transfer, is a sign of the adversary continuously seeking zero-day exploits in internet-facing applications and using them to their advantage in order to extort victims.

MOVEit Attacks: Security Breaches and Data Theft Rampant.

Originally Published 2 years ago — by The Boston Globe

Source: The Boston Globe

Progress Software discovered a critical security flaw in its MOVEit software, which was already being exploited by cybercriminals to steal large amounts of data. The flaw was detected by a Progress customer on May 28, but the company spent two days confirming the warning before notifying customers on May 30. The notorious cybercriminal gang Clop has claimed responsibility for the data theft, which has affected at least one UK payroll processing company and its customers, including the BBC, Boots, and British Airways. Progress has patched the software to eliminate the threat.

Zero-day vulnerability in MOVEit Transfer exploited by hackers for data theft

Originally Published 2 years ago — by Reuters

Source: Reuters

Hackers have stolen data from users of the file transfer tool MOVEit Transfer after a security flaw was discovered in the software. Progress Software, the maker of the software, has made fixes available since it discovered the vulnerability. Cybersecurity firms Rapid7 and Mandiant Consulting have found cases in which the flaw was exploited to steal data. The vulnerability could lead to potential unauthorized access into users' systems. It is not clear which or how many organizations use the software or were impacted by potential breaches.