Advertisement
Top
image credit: Pxhere

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

June 5, 2023

Via: Help Net Security
Category:

The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: CVE-2023-34362.

Based on information shared by Mandiant, Rapid7 and other security researchers, the attackers seem to have opportunistically targeted as many exposed organizations as possible, including US government agencies and banks.

Microsoft is attributing the initial attacks to the Cl0p ransomware group (aka FIN11, or Lace Tempest – according to its new threat actor taxonomy).

Read More on Help Net Security

RELATED PUBLICATIONS

Post-LockBit, How Will the Ransomware Ecosystem Evolve?
Tesla hacks make big bank at Pwn2Own’s first automotive-focused event
Infoseccers think attackers backed by China are behind Ivanti zero-day exploits

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!