In a security advisory published last Wednesday, Progress Software said the critical vulnerability attack started in May and affected all MOVEit Transfer versions. "An attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or delete database elements," the agency said. Cybersecurity and Infrastructure Security Agency on Friday to prioritize application of the Progress Software patch. Tracked as CVE-2023-34362, the vulnerability prompted the U.S.
"MoveIT Transfer is used across the US Government as a recommended solution and all of them were vulnerable (and in many cases still are as many orgs haven’t patched yet)," Beaumont wrote on Twitter.
The New York Department of Financial Services on Thursday reminded financial organizations to report breaches within 72 hours. None of the three organizations immediately responded to a request for comment. The company's LinkedIn page lists the FBI and major corporations, including JPMorgan Chase Bank and Geico, as customers. MOVEit customers include multiple state governments. Security researcher Kevin Beaumont said the list of organizations that had their data stolen includes multiple U.S. Threat intelligence analyst Germán Fernández on Saturday said he had discovered at least 57 instances of potential compromise with the human2.aspx backdoor, of which 39 were in the United States. organizations so far are less forthcoming. The government of Canadian province Nova Scotia disclosed on Sunday that hackers also breached residents' personal information.ĭisclosures from U.S. Our provider assured us that immediate steps were taken to disable the server." flag carrier said it had been "informed that we are one of the companies impacted by Zellis' cybersecurity incident which occurred via one of their third-party suppliers called MOVEit." Boots said the payroll provider attack affected "some of our team members' personal details. "All Zellis-owned software is unaffected, and there are no associated incidents or compromises to any other part of our IT estate," a company spokesperson said.Īffected clients include British Airways, the BBC and U.K. Known victims include British payroll provider Zellis, which said eight corporate customers were affected. Microsoft said the actor is Lace Tempest, also known as FIN11 or TA505.
See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pmĪ threat actor began exploiting a critical SQL injection vulnerability in MOVEit Transfer on May 27 and in some cases has taken data within minutes of deploying the web shells. Microsoft said an affiliate of the Russian-speaking Clop ransomware-as-a-service gang is behind a rash of attacks exploiting a recently patched vulnerability in Progress Software's managed file transfer product. flag carrier British Airways informed employees that hackers had accessed data via payroll provider Zellis and the MOVEit vulnerability.
0 kommentar(er)
