EEVblog Electronics Community Forum
A Free & Open Forum For Electronics Enthusiasts & Professionals
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email
?
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
This topic
This board
Entire forum
Google
Bing
Home
Help
Search
About us
Links
Login
Register
EEVblog Electronics Community Forum
»
Products
»
Computers
»
Security
»
MOVEit - secure data transfers with 0-day
« previous
next »
Print
Search
Pages: [
1
]
Go Down
Author
Topic: MOVEit - secure data transfers with 0-day (Read 622 times)
0 Members and 1 Guest are viewing this topic.
madires
Super Contributor
Posts: 7767
Country:
A qualified hobbyist ;)
MOVEit - secure data transfers with 0-day
«
on:
June 06, 2023, 01:00:37 pm »
The 0-day:
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft (
https://www.mandiant.com/resources/blog/zero-day-moveit-data-theft
)
The victims:
MOVEit hack: BBC, BA and Boots among cyber attack victims (
https://www.bbc.com/news/technology-65814104
)
The bad guys:
Microsoft Links MOVEit Attack to Cl0p as British Airways, BBC Fall (
https://www.darkreading.com/application-security/microsoft-links-moveit-attack-cl0p-british-airways-fall
)
Logged
madires
Super Contributor
Posts: 7767
Country:
A qualified hobbyist ;)
Re: MOVEit - secure data transfers with 0-day
«
Reply #1 on:
June 16, 2023, 08:38:06 am »
Used since 2021:
Clop Ransomware Likely Sitting on MOVEit Transfer Vulnerability (CVE-2023-34362) Since 2021 (
https://www.kroll.com/en/insights/publications/cyber/clop-ransomware-moveit-transfer-vulnerability-cve-2023-34362
)
And there's a second vulnerability:
MOVEit Transfer Critical Vulnerability – CVE Pending (June 15, 2023) (
https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-15June2023
)
More victims:
State governments among victims of MoveIT Transfer breach (
https://www.techtarget.com/searchsecurity/news/366541896/State-governments-among-victims-of-MoveIT-Transfer-breach
)
US gov agencies slammed by MOVEit hack (
https://cybernews.com/security/us-gov-agencies-hit-moveit-attack-clop/
)
Russian cybercrime gang hacks federal agencies (
https://www.politico.com/news/2023/06/15/multiple-federal-agencies-hit-by-hack-00102229
)
«
Last Edit: June 16, 2023, 08:41:15 am by madires
»
Logged
madires
Super Contributor
Posts: 7767
Country:
A qualified hobbyist ;)
Re: MOVEit - secure data transfers with 0-day
«
Reply #2 on:
June 21, 2023, 02:33:13 pm »
Another victim: NortonLifeLock
NortonLifeLock Hacked, Cl0p Ransomware Gang Takes Responsibility (
https://thecyberexpress.com/nortonlifelock-hacked-cl0p-ransomware-moveit/
)
And there's already a database of victims:
MOVEit victim list (
https://konbriefing.com/en-topics/cyber-attacks-moveit-victim-list.html
)
Logged
SiliconWizard
Super Contributor
Posts: 14481
Country:
Re: MOVEit - secure data transfers with 0-day
«
Reply #3 on:
June 21, 2023, 09:50:47 pm »
Well, the name is well choosen, data is being moved all over the place indeed.
Nice web site:
https://www.progress.com/moveit
Logged
Print
Search
Pages: [
1
]
Go Up
« previous
next »
Share me
Smf
EEVblog Electronics Community Forum
»
Products
»
Computers
»
Security
»
MOVEit - secure data transfers with 0-day
There was an error while thanking
Thanking...
EEVblog Main Site
EEVblog on Youtube
EEVblog on Twitter
EEVblog on Facebook
EEVblog on Odysee