The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: CVE-2023-34362.
Based on information shared by Mandiant, Rapid7 and other security researchers, the attackers seem to have opportunistically targeted as many exposed organizations as possible, including US government agencies and banks.
Microsoft is attributing the initial attacks to the Cl0p ransomware group (aka FIN11, or Lace Tempest – according to its new threat actor taxonomy).