A critical SQL injection vulnerability (CVE-2024-2879) in the LayerSlider WordPress plugin, affecting versions 7.9.11 through 7.10.0, puts over one million sites at risk of data breaches and complete takeover. The flaw, discovered by researcher AmrAwad and reported to Wordfence, allows attackers to extract sensitive data from the site's database. The plugin's creator, Kreatura Team, released a security update (version 7.10.1) within 48 hours of notification, urging all users to upgrade immediately. WordPress site admins are advised to prioritize applying security updates, disable unnecessary plugins, use strong passwords, and deactivate dormant accounts to enhance site security.
A critical security flaw (CVE-2024-2879) in the LayerSlider plugin for WordPress could lead to the extraction of sensitive information from databases. The flaw, impacting versions 7.9.11 through 7.10.0, has been addressed in version 7.10.1. Additionally, other WordPress plugins such as WP-Members Membership, Tutor LMS, and Contact Form Entries have also been found to have security vulnerabilities that could be exploited for various malicious activities.
Progress Software has patched a critical SQL injection vulnerability, CVE-2023-36934, in its MOVEit Transfer software, which could allow unauthenticated attackers to gain unauthorized access to the database. This vulnerability is particularly dangerous as it can be exploited without valid credentials. Two other high-severity vulnerabilities, CVE-2023-36932 and CVE-2023-36933, have also been addressed in the update. Users are advised to update to the latest version of MOVEit Transfer to mitigate the risks associated with these vulnerabilities.
Progress Software's managed file transfer application, MOVEit Transfer, has been hit by a third vulnerability, CVE-2023-35708, which allows hackers to gain unauthorized access to its database. The vulnerability joins two previously reported issues, CVE-2023-34362 and CVE-2023-35036. More than 3,000 hosts are running the software, with over 30% in the financial services industry. Progress Software recommends users and hosts patch the product and mitigate the vulnerabilities immediately. Researchers believe the Clop ransomware gang has been aware of the vulnerability since 2021.
Progress Software has released security updates to fix new SQL injection vulnerabilities in the MOVEit Transfer application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. All versions of MOVEit Transfer are affected by these vulnerabilities. The vulnerabilities were discovered by researchers from the cybersecurity firm Huntress. The Clop ransomware gang claims to have hacked hundreds of companies by exploiting a previous MOVEit Transfer vulnerability. Progress Software is not aware of attacks in the wild exploiting these new vulnerabilities.
Progress Software has warned customers of newly discovered critical SQL injection vulnerabilities in its MOVEit Transfer managed file transfer solution that can allow attackers to steal information from customers' databases. The security bugs were discovered with the help of cybersecurity firm Huntress following detailed code reviews initiated by Progress on May 31. The vulnerabilities affect all MOVEit Transfer versions and enable unauthenticated attackers to compromise Internet-exposed servers to alter or extract customer information. Progress has released a patch for the vulnerabilities and urges all customers to apply it immediately. The Clop ransomware gang has claimed responsibility for targeting a MOVEit Transfer zero-day vulnerability, which led to a series of data-theft attacks that have allegedly affected "hundreds of companies."
The Cl0p ransomware gang has been exploiting a critical flaw in Progress Software's MOVEit Transfer application to drop ransomware. The gang has issued an ultimatum to several impacted businesses, urging them to get in touch by June 14, 2023, or risk having all their stolen data published. The abuse of CVE-2023-34362, an SQL injection flaw in MOVEit Transfer, is a sign that the adversary continuously seeks zero-day exploits in internet-facing applications and uses them to extort victims.
Organizations of all sizes are being targeted by the Clop ransomware group through a critical vulnerability in the widely used file-transfer program, MOVEit. The attacks are fueled by a recently patched SQL injection vulnerability, allowing attackers to steal data from compromised servers. The attacks have hit banks, government agencies, and other targets in alarmingly high numbers. The attacks are described as widespread and are expected to get worse.
Microsoft has linked the ongoing exploitation of a critical flaw in the Progress Software MOVEit Transfer application to the Lace Tempest threat actor. The group is known for exploiting different zero-day flaws to siphon data and extort victims. The flaw, CVE-2023-34362, allows attackers to authenticate as any user, gain access to the database, and execute arbitrary code. At least 3,000 exposed hosts are believed to be running MOVEit Transfer. Users are recommended to apply vendor-provided patches as soon as possible to secure against potential risks.
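Every item above, from the LayerSlider plugin to the MOVEit Transfer bugs, belongs to the same vulnerability class: a request value reaches the SQL text without being separated from the query structure. The Python below is an added illustration, not code from LayerSlider, Kreatura Team, Progress Software or any product named on this page. It builds a throwaway SQLite table with constructed rows, sends one crafted value through a string-concatenated query and through a parameterised one so the difference in returned rows is visible, and adds a small heuristic that flags request-log parameters whose decoded value contains a quote followed by a SQL keyword. The table, the rows, the parameter name `id`, the sample log lines and the regex are all assumptions made for the demo.

```python
import re
import sqlite3
from urllib.parse import parse_qsl, urlsplit

# Constructed sample rows for the demo; not data from any real site or product.
SAMPLE_ROWS = [
    (1, "alice", "alice@example.test"),
    (2, "bob", "bob@example.test"),
    (3, "carol", "carol@example.test"),
]


def make_db():
    """Create an in-memory SQLite database holding the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def lookup_vulnerable(conn, name):
    """Anti-pattern: the untrusted value is spliced into the SQL text, so the
    database parser sees attacker-controlled syntax rather than a plain value."""
    sql = f"SELECT id, name, email FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, name):
    """Parameterised query: the value is bound separately from the statement and
    can never alter the query structure, whatever characters it contains."""
    sql = "SELECT id, name, email FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


# Classic tautology payload used only to show the two lookups diverging.
TAUTOLOGY_INPUT = "nobody' OR '1'='1"


def demo():
    """Run the same crafted input through both lookups and count the rows returned."""
    conn = make_db()
    return {
        "vulnerable_rows": len(lookup_vulnerable(conn, TAUTOLOGY_INPUT)),  # every row leaks
        "safe_rows": len(lookup_safe(conn, TAUTOLOGY_INPUT)),              # no user has that name
        "legit_rows": len(lookup_safe(conn, "alice")),                     # normal lookup still works
    }


# Heuristic (an assumption, not a vendor signature): a quote character followed,
# anywhere later in the value, by a SQL keyword. Tune to your own traffic.
SQLI_HINT = re.compile(r"'.*?\b(or|and|union|select)\b", re.IGNORECASE)


def suspicious_params(request_line):
    """Return the names of query parameters in an access-log request line
    (e.g. 'GET /?id=42 HTTP/1.1') whose URL-decoded value matches SQLI_HINT."""
    path = request_line.split()[1]
    query = urlsplit(path).query
    return [key for key, value in parse_qsl(query, keep_blank_values=True)
            if SQLI_HINT.search(value)]


if __name__ == "__main__":
    print(demo())
    # Constructed request lines, not from any real log.
    for line in ("GET /?id=nobody%27%20OR%20%271%27%3D%271 HTTP/1.1",
                 "GET /?id=42&page=2 HTTP/1.1"):
        print(line, "->", suspicious_params(line))
```

The row counts are the whole lesson: the concatenated query returns every user for an input that names nobody, while the bound-parameter query returns none, which is exactly the difference a patch such as LayerSlider 7.10.1 or the MOVEit Transfer updates has to establish in the affected code paths. The log heuristic is deliberately simple and will both miss encoded variants and fire on legitimate text containing apostrophes; treat it as a triage aid for prioritising which hosts to patch first, not as a substitute for applying the vendor update.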