progress-asia-moveit

progress-asia-moveit

The application development and infrastructure software company in the Boston region alerted users to a significant SQL injection vulnerability in MOVEit Transfer that allow attackers to escalate their privileges and gain access to target systems without authorization.

Researchers at Mandiant, Rapid7, and other companies claimed to have observed widespread data theft and mass exploitation linked to the vulnerability.

Any company using MOVEit should perform a forensic analysis to see if the system has previously been breached and whether any data has been stolen.

Organisations should be ready for future extortion and publishing of the stolen material, even though Mandiant does not yet know the motivation of the threat actor.

Source: https://www.govinfosecurity.com/hackers-exploit-progress-moveit-file-transfer-vulnerability-a-22211

"id": "PRO12124623",
"linkid": "progress-asia-moveit",
"type": "Vulnerability",
"date": "06/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.