MOVEit Transfer Software Exploited Through Critical Zero Day Vulnerability 2023


BRANDEFENSE
Security News
05/06/2023

Last updated on July 28th, 2023 at 03:45 pm

Table of Contents

  • The Critical Zero-Day: CVE-2023-34362
  • Second MFT 0-Day in Six Months
    • Cl0p Ransomware Gangs Announced They Exploit Over 130 Organizations
  • How Can Brandefense Help You?
    • Brandefense Dark Web Monitoring Solution
      • Dark Web Monitoring

The Critical Zero-Day: CVE-2023-34362

 

Ipswitch, a subsidiary of Progress Software Corporation, has been hit by a major security vulnerability that unknown hackers are exploiting to attack its MOVEit Transfer software. The software is a popular application that businesses and their customers use to transfer data securely. The flaw is a zero-day tracked as CVE-2023-34362, and Progress Software Corporation has issued a critical security advisory warning its customers to take precautionary measures immediately.

The software developer advises all its customers to block external traffic to ports 80 and 443 on MOVEit Transfer servers until patches have been installed. Progress notes that the recommendation is necessary but concedes that it will affect the operation of certain components, such as MOVEit Automation tasks, API functions, and the Outlook MOVEit Transfer plugin.

Cybersecurity company Rapid7 has identified the zero-day flaw as a SQL injection vulnerability that leads to remote code execution. Approximately 2,500 servers are exposed, primarily in the United States, and Rapid7 notes that a common feature of all exploited devices is the ‘human2.asp’ webshell, which can execute a series of commands if accessed with the correct password. Scarily, these commands enable the attacker to retrieve vast amounts of data from the server, such as lists of stored files, user details, and Azure Blob Storage account configurations.

Several admins have reportedly discovered multiple unexpected files post-breach. What is worrying is that the breach likely began over the long Memorial Day weekend in the United States, when system monitoring is often at its minimum.

Given the potential for data theft and exposure, cybersecurity experts are warning organizations to shut down their MOVEit Transfer instances until the issue is resolved and a comprehensive investigation for compromise has been conducted.

Charles Carmakal, CTO of Mandiant, strongly suggests that all organizations using MOVEit Transfer commission a forensic examination to ascertain whether their system was compromised and whether data was stolen. Furthermore, Progress Software has confirmed that its cloud platform was impacted, potentially broadening the scope of victims. The company has released mitigation steps for on-premise and cloud-based systems, and experts recommend that organizations follow them.

Microsoft has attributed the attacks exploiting the CVE-2023-34362 MOVEit Transfer 0-day vulnerability to Lace Tempest, known for ransomware operations and running the infamous Clop extortion site. The software giant has also published articles with IOCs, detections, and hunting guidance and will continue to monitor the situation with stakeholders.
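A first-pass log triage for the ‘human2.asp’ webshell indicator reported above, as an added example that is not from Brandefense, Rapid7, Progress or Microsoft. It assumes the web server writes IIS W3C extended logs; the sample log, IP addresses and benign paths are constructed, and the only value taken from the article is the file name.

```python
from collections import defaultdict

# File name as printed in the article; prefix match also catches longer extensions.
INDICATOR = "human2.asp"

# Constructed sample in IIS W3C extended format (documentation IP ranges only).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time cs-method cs-uri-stem c-ip sc-status
2023-05-27 09:14:02 GET /index.html 198.51.100.7 200
2023-05-27 22:41:10 GET /human2.asp 203.0.113.50 404
2023-05-28 03:02:55 POST /Human2.aspx 203.0.113.50 200
2023-05-28 04:00:00 GET /nothuman2.aspx 198.51.100.7 404
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2023-05-30 01:15:42 192.0.2.99 GET /app/human2.asp 200
"""

def parse_w3c(text):
    """Yield one dict per request, honouring every '#Fields:' directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column order can change after a restart
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def is_indicator(uri_stem):
    """True when the requested file name starts with INDICATOR, ignoring case."""
    return uri_stem.rsplit("/", 1)[-1].lower().startswith(INDICATOR)

def webshell_hits(text):
    """Summarise indicator requests per client IP: count, first/last seen, statuses."""
    hits = defaultdict(lambda: {"count": 0, "first": None, "last": None, "statuses": set()})
    for row in parse_w3c(text):
        if not is_indicator(row.get("cs-uri-stem", "")):
            continue
        seen = f"{row.get('date', '?')} {row.get('time', '?')}"  # ISO-style: string order is time order
        hit = hits[row.get("c-ip", "unknown")]
        hit["count"] += 1
        hit["first"] = seen if hit["first"] is None else min(hit["first"], seen)
        hit["last"] = seen if hit["last"] is None else max(hit["last"], seen)
        hit["statuses"].add(row.get("sc-status", "-"))
    return {ip: {**h, "statuses": sorted(h["statuses"])} for ip, h in hits.items()}

if __name__ == "__main__":
    for ip, h in sorted(webshell_hits(SAMPLE_LOG).items()):
        print(ip, h["count"], h["first"], h["last"], ",".join(h["statuses"]))
```

A hit on the name is a lead rather than proof of compromise; follow it with a check of the web root for unexpected files and the forensic examination recommended above.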

Second MFT 0-Day in Six Months

 

Cl0p Ransomware Gangs Announced They Exploit Over 130 Organizations

 

The zero-day vulnerability in the GoAnywhere file-sharing software is tracked as CVE-2023-0669 and was first discovered on February 3, 2023. On February 6, 2023, exploit code was released for this vulnerability, and by February 10, 2023, Cl0p operators had announced that they had used the exploit to attack 130 organizations…

How Can Brandefense Help You?

 

Our innovative service offers a range of benefits that can help you stay ahead of cybercriminals and protect your brand reputation. With early detection of cyber threats, you’ll have more time to respond and prevent potential data breaches or other attacks. Our dark web monitoring can enhance your overall security posture and protect your sensitive data and assets.

 

Brandefense Dark Web Monitoring Solution

 

Early Detection of Cyber Threats: Dark web monitoring allows businesses to detect cyber threats early on, giving them more time to respond and prevent potential data breaches or other attacks.

Enhanced Security: By monitoring the dark web for potential threats, businesses can stay ahead of cybercriminals and protect their sensitive data and assets.

Brand Protection: Dark web monitoring can also help businesses protect their brand reputation by detecting any attempts to sell counterfeit products or impersonate their brand.

Cost-Effective: The cost of a data breach can be substantial in terms of financial losses and damage to brand reputation. Dark web monitoring is a cost-effective way to mitigate these risks and prevent costly cyber attacks.

 

Contact us today to learn more about how Brandefense’s dark web monitoring service can help you protect your business and achieve peace of mind.

Dark Web Monitoring

We know what hackers know about you
