The industrial behemoths Schneider Electric, werum.com, UCLA (http://ucla.edu), Abbie (http://abbvie.com), and Siemens Energy are among the five new MOVEit attacks victims listed on the dark web leak site for the Clop ransomware organization. Industrial Control Systems (ICS) are offered by Siemens Energy and Schneider Electric and are employed in crucial national infrastructures all over the world.
Threat actors assert that by using the recently discovered MOVEit Transfer vulnerability CVE-2023-34362, they were able to breach 100 different businesses.
Incentives are provided by the US government for intelligence that results in the capture, indictment, or location of threat actors.
Source: https://securityaffairs.com/147865/data-breach/schneider-electric-siemens-energy-moveit.html
TPRM report: https://www.rankiteo.com/company/koerber-pharma
"id": "krb23592723",
"linkid": "koerber-pharma",
"type": "Breach",
"date": "6/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'Energy Management and Automation',
'name': 'Schneider Electric',
'type': 'Industrial Company'},
{'industry': 'Pharmaceutical Manufacturing',
'name': 'werum.com',
'type': 'Software Company'},
{'industry': 'Education',
'location': 'Los Angeles, California',
'name': 'UCLA',
'type': 'Educational Institution'},
{'industry': 'Pharmaceuticals',
'name': 'Abbie',
'type': 'Pharmaceutical Company'},
{'industry': 'Energy',
'name': 'Siemens Energy',
'type': 'Industrial Company'}],
'attack_vector': 'Exploitation of MOVEit Transfer vulnerability '
'CVE-2023-34362',
'description': 'The industrial behemoths Schneider Electric, werum.com, UCLA, '
'Abbie, and Siemens Energy are among the five new MOVEit '
'attacks victims listed on the dark web leak site for the Clop '
'ransomware organization. Industrial Control Systems (ICS) are '
'offered by Siemens Energy and Schneider Electric and are '
'employed in crucial national infrastructures all over the '
'world. Threat actors assert that by using the recently '
'discovered MOVEit Transfer vulnerability CVE-2023-34362, they '
'were able to breach 100 different businesses. Incentives are '
'provided by the US government for intelligence that results '
'in the capture, indictment, or location of threat actors.',
'ransomware': {'ransomware_strain': 'Clop'},
'references': [{'source': 'ucla.edu', 'url': 'http://ucla.edu'},
{'source': 'abbvie.com', 'url': 'http://abbvie.com'}],
'threat_actor': 'Clop ransomware organization',
'title': 'MOVEit Transfer Vulnerability Exploitation by Clop Ransomware Group',
'type': 'Ransomware',
'vulnerability_exploited': 'CVE-2023-34362'}