| https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability |
MOVEit Transfer and MOVEit Cloud Vulnerability
|
MOVEit Transfer and MOVEit Cloud Vulnerability Status: Patched. ProgressSolutionsDigital ExperienceOptimized application delivery, security, and visibility for critical infrastructure. ProgressSolutions is a leading provider of software and services for enterprise customers. the company is headquartered in san francisco and has offices in los angeles and san antonio, california - california. |
| https://therecord.media/data-of-sixteen-million-exposed-moveit |
More than 16 million people and counting have had data exposed in MOVEit breaches |
more than 16 million people are known to have had their information accessed by hackers exploiting vulnerabilities in the popular file transfer software. since June 1, experts have warned of the vulnerability affecting the popular file transfer software. dozens of the biggest organizations in the u.s. and europe have since come forward to reveal that they were affected by the situation. only 11 — most of them state-level agencies like California’s pension fund or companies forced to file breach notifications — have revealed the number of people who had information accessed |
| https://techmonitor.ai/technology/cybersecurity/siemens-energy-and-schneider-electric-victims-of-moveit-supply-chain-attack |
Siemens and Schneider victims of MOVEit supply chain attack |
Siemens Energy and Schneider Electric join growing list of apparent victims of the MOVEit Transfer vulnerability. the energy technology business spun out from german manufacturing giant Siemens, has confirmed it has been breached. french engineering company Schneider Electric, is investigating after its name was posted on ransomware gang Cl0p’s dark web blog. a spokesperson for Siemens Energy, which reported revenue of €32bn last year, said it has been impacted by what it describes as a 'global security incident' |
| https://www.wired.com/story/apple-google-moveit-security-patches-june-2023-critical-update/ |
Apple, Google, and MOVEit Just Patched Serious Security Flaws | WIRED |
Microsoft fixes 78 vulnerabilities, VMWare plugs a flaw already used in attacks, and more critical updates from June. the latest iphone update fixes security vulnerabilities in WebKit, the engine that underpins Safari, and in the kernel at the heart of the iOS system. a significant number of security bugs squashed during the month are being used in real-life attacks, so read on, take note, and patch your affected systems as soon as you can. |
| https://www.crn.com/news/security/8-tech-and-it-companies-targeted-in-the-moveit-attacks |
8 Tech And IT Companies Targeted In The MOVEit Attacks | CRN |
CRN News Companies Awards & Lists Events Industry Voices About Close Sections CRNtv Editors Kyle Alspach Steve Burke CJ Fairfield Jennifer Follett Mark Haranas David Harris O'Ryan Johnson Joseph F. Kovar Dylan Martin Wade Tyler Millward Gina Narcisi Rick Whiting Meet the Editors Calendars Editorial High Tech Events TCC Events Connect with CRN CRN Magazine Notify me about CRN Awards Subscribe to CRN Magazine Subscribe to CRN Newsletter Licensing C |
| https://cyberscoop.com/schnieder-electric-siemens-energy-moveit-cl0p/ |
Two major energy corporations added to growing MOVEit victim list | CyberScoop |
leading global energy companies Schneider Electric and Siemens Energy are the latest victims in the MOVEit breach. CL0P, the ransomware gang executing the attacks, added both Schneider Electric and Siemens Energy to its leak site on Tuesday. multiple federal agencies, including two Department of Energy entities, have been affected by the vulnerability, federal authorities have said. the hacking campaign has added more than 100 victims since early June, the hacking campaign has added more than 100 victims. |
| https://www.reuters.com/technology/who-is-behind-sweeping-moveit-hack-2023-06-27/ |
Factbox: Who is behind the sweeping MOVEit hack? | Reuters |
the cl0p ransomware gang is claiming a new set of victims from its hack of the MOVEit file transfer protocol. researchers say the group is Russia-linked or Russian-speaking and its name could be a play on the Russian word for "bug" cl0p is a ransomware-as-a-service gang, meaning it hires out its software and infrastructure for other cybercriminals in return for a cut of the proceeds. |
| https://therecord.media/ucla-siemens-energy-latest-moveit-victims |
UCLA, Siemens Energy latest MOVEit victims to confirm breaches |
more than 100 organizations around the world have been affected by the hacking campaign. the university of california, los angeles, said it uses the MOVEit Transfer tool at the center of the attacks. the university notified the FBI and worked with external cybersecurity experts to investigate the matter. a spokesperson for Siemens Energy confirmed that the company was among those targeted but said their current analysis of the incident found that "no critical data has been compromised" |
| https://www.mandiant.com/resources/blog/zero-day-moveit-data-theft |
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft | Mandiant |
Mandiant is now part of Google Cloud. Learn more. Explore our multi-vendor XDR platform, delivering Mandiant products and integrating with a range of leading security operations technology.Mandiant SolutionsReduce exposures before adversaries act Government New!Protect national services and agencies Digital Risk ProtectionPrioritize and focus on threats that matter RansomwareIncrease resilience against multifaceted extortion Who is targeting usAssess attack surface visibility Are we preparedAnticipate threats for defense posture |
| https://techcrunch.com/2023/06/15/moveit-clop-mass-hacks-banks-universities/ |
Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities | TechCrunch |
the ransomware gang has been exploiting a security flaw in a popular corporate file transfer tool since late may. the victims list includes a number of U.S. banks and universities. other victims include financial software provider Datasite; educational non-profit National Student Clearinghouse; student health insurance provider United Healthcare Student Resources. a USG spokesperson told techcrunch that the university is “evaluating the scope and severity of this potential data exposure’. |
| https://arstechnica.com/information-technology/2023/06/mass-exploitation-of-critical-moveit-flaw-is-ransacking-orgs-big-and-small/ |
Mass exploitation of critical MOVEit flaw is ransacking orgs big and small | Ars Technica |
organizations big and small are falling prey to mass exploitation of critical MOVEit flaw. researchers liken hacks to smash-and-grab robberies, in which a window is broken. despite relatively small number of confirmed breaches, attacks are describing as widespread. the exploitation is fueled by a recently patched vulnerability in MOVEit, a file-transfer provider based in switzerland. |
| https://www.cisa.gov/news-events/alerts/2023/06/15/progress-software-releases-security-advisory-moveit-transfer-vulnerability |
Progress Software Releases Security Advisory for MOVEit Transfer Vulnerability | CISA |
CISA urges users and organizations to review the security advisory for a privilege escalation vulnerability (CVE-2023-35708) in MOVEit Transfer—a Managed File Transfer Software. a cyber threat actor could exploit this vulnerability to take control of an affected system. share sensitive information only on official, secure websites. share sensitive information only on official, secure websites. share sensitive information only on official, secure websites. share sensitive information only on official, secure websites. |
| https://www.cybersecuritydive.com/news/moveit-vulnerability-victims/654037/ |
MOVEit vulnerability ensnares more victims | Cybersecurity Dive |
fallout from Clop’s mass exploit of a zero-day vulnerability in Progress Software’s MOVEit file transfer service continues to ensnare more victims. at least 108 organizations, including seven u.s. universities, have been listed by Clop or disclosed as having been impacted thus far. the u.s. state department offered a $10 million bounty for information on the Clop ransomware group last week after multiple federal agencies were impacted. |
| https://www.ncsc.gov.uk/information/moveit-vulnerability |
NCSC |
NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. |
| https://www.crn.com/news/security/8-tech-and-it-companies-targeted-in-the-moveit-attacks |
8 Tech And IT Companies Targeted In The MOVEit Attacks | CRN |
CRN News Companies Awards & Lists Events Industry Voices About Close Sections CRNtv Editors Kyle Alspach Steve Burke CJ Fairfield Jennifer Follett Mark Haranas David Harris O'Ryan Johnson Joseph F. Kovar Dylan Martin Wade Tyler Millward Gina Narcisi Rick Whiting Meet the Editors Calendars Editorial High Tech Events TCC Events Connect with CRN CRN Magazine Notify me about CRN Awards Subscribe to CRN Magazine Subscribe to CRN Newsletter Licensing C |
| https://www.huntress.com/blog/moveit-transfer-critical-vulnerability-rapid-response |
MOVEit Transfer Critical Vulnerability CVE-2023-34362 Rapid Response |
MOVEit Transfer Critical Vulnerability CVE-2023-34362 Rapid Response Human Threat Hunting Persistent Footholds Find Attackers Hiding in Plain Sight Managed Antivirus Strengthen Frontline Protection MDR for Microsoft 365 Microsoft 365 Threat Detection Ransomware Canaries Detect Ransomware Faster External Recon Scan Ports & Potential Exposures Security Awareness Training Sharpen Your Employees' Defenses Partner Enablement Grow Your Cybersecurity Practice See The Huntress Managed Security |
| https://www.fortinet.com/blog/threat-research/moveit-transfer-critical-vulnerability-cve-2023-34362-exploited-as-a-0-day |
MOVEit Transfer Critical Vulnerability (CVE-2023-34362) Exploited as a 0-day | FortiGuard Labs |
high-profile government, finance, media, aviation, and healthcare organizations have reportedly been affected. high-profile organizations have reportedly been affected, with data exfiltrated and stolen. MOVEit Transfer is vulnerable to a critical zero-day SQL injection vulnerability. CISA released an advisory for the vulnerability on June 1st, 2023. for more information, see the related FortiGuard Labs outbreak alert. click here for more information. |
| https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability |
MOVEit Transfer and MOVEit Cloud Vulnerability
|
MOVEit Transfer and MOVEit Cloud Vulnerability Status: Patched. ProgressSolutionsDigital ExperienceOptimized application delivery, security, and visibility for critical infrastructure. ProgressSolutions is a leading provider of software and services for enterprise customers. the company is headquartered in san francisco and has offices in los angeles and san antonio, california - california. |
| https://therecord.media/data-of-sixteen-million-exposed-moveit |
More than 16 million people and counting have had data exposed in MOVEit breaches |
more than 16 million people are known to have had their information accessed by hackers exploiting vulnerabilities in the popular file transfer software. since June 1, experts have warned of the vulnerability affecting the popular file transfer software. dozens of the biggest organizations in the u.s. and europe have since come forward to reveal that they were affected by the situation. only 11 — most of them state-level agencies like California’s pension fund or companies forced to file breach notifications — have revealed the number of people who had information accessed |
| https://techmonitor.ai/technology/cybersecurity/siemens-energy-and-schneider-electric-victims-of-moveit-supply-chain-attack |
Siemens and Schneider victims of MOVEit supply chain attack |
Siemens Energy and Schneider Electric join growing list of apparent victims of the MOVEit Transfer vulnerability. the energy technology business spun out from german manufacturing giant Siemens, has confirmed it has been breached. french engineering company Schneider Electric, is investigating after its name was posted on ransomware gang Cl0p’s dark web blog. a spokesperson for Siemens Energy, which reported revenue of €32bn last year, said it has been impacted by what it describes as a 'global security incident' |
| https://www.wired.com/story/apple-google-moveit-security-patches-june-2023-critical-update/ |
Apple, Google, and MOVEit Just Patched Serious Security Flaws | WIRED |
Microsoft fixes 78 vulnerabilities, VMWare plugs a flaw already used in attacks, and more critical updates from June. the latest iphone update fixes security vulnerabilities in WebKit, the engine that underpins Safari, and in the kernel at the heart of the iOS system. a significant number of security bugs squashed during the month are being used in real-life attacks, so read on, take note, and patch your affected systems as soon as you can. |
| https://www.crn.com/news/security/8-tech-and-it-companies-targeted-in-the-moveit-attacks |
8 Tech And IT Companies Targeted In The MOVEit Attacks | CRN |
CRN News Companies Awards & Lists Events Industry Voices About Close Sections CRNtv Editors Kyle Alspach Steve Burke CJ Fairfield Jennifer Follett Mark Haranas David Harris O'Ryan Johnson Joseph F. Kovar Dylan Martin Wade Tyler Millward Gina Narcisi Rick Whiting Meet the Editors Calendars Editorial High Tech Events TCC Events Connect with CRN CRN Magazine Notify me about CRN Awards Subscribe to CRN Magazine Subscribe to CRN Newsletter Licensing C |
| https://cyberscoop.com/schnieder-electric-siemens-energy-moveit-cl0p/ |
Two major energy corporations added to growing MOVEit victim list | CyberScoop |
leading global energy companies Schneider Electric and Siemens Energy are the latest victims in the MOVEit breach. CL0P, the ransomware gang executing the attacks, added both Schneider Electric and Siemens Energy to its leak site on Tuesday. multiple federal agencies, including two Department of Energy entities, have been affected by the vulnerability, federal authorities have said. the hacking campaign has added more than 100 victims since early June, the hacking campaign has added more than 100 victims. |
| https://www.reuters.com/technology/who-is-behind-sweeping-moveit-hack-2023-06-27/ |
Factbox: Who is behind the sweeping MOVEit hack? | Reuters |
the cl0p ransomware gang is claiming a new set of victims from its hack of the MOVEit file transfer protocol. researchers say the group is Russia-linked or Russian-speaking and its name could be a play on the Russian word for "bug" cl0p is a ransomware-as-a-service gang, meaning it hires out its software and infrastructure for other cybercriminals in return for a cut of the proceeds. |
| https://therecord.media/ucla-siemens-energy-latest-moveit-victims |
UCLA, Siemens Energy latest MOVEit victims to confirm breaches |
more than 100 organizations around the world have been affected by the hacking campaign. the university of california, los angeles, said it uses the MOVEit Transfer tool at the center of the attacks. the university notified the FBI and worked with external cybersecurity experts to investigate the matter. a spokesperson for Siemens Energy confirmed that the company was among those targeted but said their current analysis of the incident found that "no critical data has been compromised" |
| https://www.mandiant.com/resources/blog/zero-day-moveit-data-theft |
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft | Mandiant |
Mandiant is now part of Google Cloud. Learn more. Explore our multi-vendor XDR platform, delivering Mandiant products and integrating with a range of leading security operations technology.Mandiant SolutionsReduce exposures before adversaries act Government New!Protect national services and agencies Digital Risk ProtectionPrioritize and focus on threats that matter RansomwareIncrease resilience against multifaceted extortion Who is targeting usAssess attack surface visibility Are we preparedAnticipate threats for defense posture |
| https://techcrunch.com/2023/06/15/moveit-clop-mass-hacks-banks-universities/ |
Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities | TechCrunch |
the ransomware gang has been exploiting a security flaw in a popular corporate file transfer tool since late may. the victims list includes a number of U.S. banks and universities. other victims include financial software provider Datasite; educational non-profit National Student Clearinghouse; student health insurance provider United Healthcare Student Resources. a USG spokesperson told techcrunch that the university is “evaluating the scope and severity of this potential data exposure’. |
| https://arstechnica.com/information-technology/2023/06/mass-exploitation-of-critical-moveit-flaw-is-ransacking-orgs-big-and-small/ |
Mass exploitation of critical MOVEit flaw is ransacking orgs big and small | Ars Technica |
organizations big and small are falling prey to mass exploitation of critical MOVEit flaw. researchers liken hacks to smash-and-grab robberies, in which a window is broken. despite relatively small number of confirmed breaches, attacks are describing as widespread. the exploitation is fueled by a recently patched vulnerability in MOVEit, a file-transfer provider based in switzerland. |
| https://www.cisa.gov/news-events/alerts/2023/06/15/progress-software-releases-security-advisory-moveit-transfer-vulnerability |
Progress Software Releases Security Advisory for MOVEit Transfer Vulnerability | CISA |
CISA urges users and organizations to review the security advisory for a privilege escalation vulnerability (CVE-2023-35708) in MOVEit Transfer—a Managed File Transfer Software. a cyber threat actor could exploit this vulnerability to take control of an affected system. share sensitive information only on official, secure websites. share sensitive information only on official, secure websites. share sensitive information only on official, secure websites. share sensitive information only on official, secure websites. |
| https://www.cybersecuritydive.com/news/moveit-vulnerability-victims/654037/ |
MOVEit vulnerability ensnares more victims | Cybersecurity Dive |
fallout from Clop’s mass exploit of a zero-day vulnerability in Progress Software’s MOVEit file transfer service continues to ensnare more victims. at least 108 organizations, including seven u.s. universities, have been listed by Clop or disclosed as having been impacted thus far. the u.s. state department offered a $10 million bounty for information on the Clop ransomware group last week after multiple federal agencies were impacted. |
| https://www.ncsc.gov.uk/information/moveit-vulnerability |
NCSC |
NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. NCSCYou need to enable JavaScript to run this app. |
| https://www.crn.com/news/security/8-tech-and-it-companies-targeted-in-the-moveit-attacks |
8 Tech And IT Companies Targeted In The MOVEit Attacks | CRN |
CRN News Companies Awards & Lists Events Industry Voices About Close Sections CRNtv Editors Kyle Alspach Steve Burke CJ Fairfield Jennifer Follett Mark Haranas David Harris O'Ryan Johnson Joseph F. Kovar Dylan Martin Wade Tyler Millward Gina Narcisi Rick Whiting Meet the Editors Calendars Editorial High Tech Events TCC Events Connect with CRN CRN Magazine Notify me about CRN Awards Subscribe to CRN Magazine Subscribe to CRN Newsletter Licensing C |
| https://www.huntress.com/blog/moveit-transfer-critical-vulnerability-rapid-response |
MOVEit Transfer Critical Vulnerability CVE-2023-34362 Rapid Response |
MOVEit Transfer Critical Vulnerability CVE-2023-34362 Rapid Response Human Threat Hunting Persistent Footholds Find Attackers Hiding in Plain Sight Managed Antivirus Strengthen Frontline Protection MDR for Microsoft 365 Microsoft 365 Threat Detection Ransomware Canaries Detect Ransomware Faster External Recon Scan Ports & Potential Exposures Security Awareness Training Sharpen Your Employees' Defenses Partner Enablement Grow Your Cybersecurity Practice See The Huntress Managed Security |
| https://techcrunch.com/2023/06/30/tiaa-teachers-retirement-fund-moveit |
Schools say US teachers' retirement fund was breached by MOVEit hackers | TechCrunch |
schools say teachers' retirement fund was breached by hackers. TIAA, a nonprofit that provides financial services for individuals in academic fields, has been caught up in the mass-hacks targeting MOVEit file transfer tools. the mass-hack has so far claimed more than 160 victims, according to emsisoft threat analyst. only 12 of these victims have confirmed the number of people affected, which already adds up to more than 16 million individuals. |
| https://www.scmagazine.com/analysis/third-party-risk/moveit-hackers-may-have-found-simpler-business-model-beyond-ransomware |
MOVEit hackers may have found simpler business model beyond ransomware | SC Media |
hacker group Cl0p exploited a zero-day vulnerability in popular file-transfer program. it's the third time it has simply demanded payment not to release data. experts warn we should expect to see additional attacks targeting file-transfer software. "it's kind of a new business model for them," says researcher who found zero-day exploit. extortion group's success could breed copycats in the ransomware world. |
| https://techmonitor.ai/technology/cybersecurity/siemens-energy-and-schneider-electric-victims-of-moveit-supply-chain-attack |
Siemens and Schneider victims of MOVEit supply chain attack |
Siemens Energy and Schneider Electric join growing list of apparent victims of the MOVEit Transfer vulnerability. the energy technology business spun out from german manufacturing giant Siemens, has confirmed it has been breached. french engineering company Schneider Electric, is investigating after its name was posted on ransomware gang Cl0p’s dark web blog. a spokesperson for Siemens Energy, which reported revenue of €32bn last year, said it has been impacted by what it describes as a 'global security incident' |
| https://www.reuters.com/world/us/us-health-department-law-firms-reportedly-latest-hit-wide-ranging-hack-2023-06-28 |
US health department, law firms latest hit in wide-ranging hack | Reuters |
the hack centered on a piece of software called MOVEit Transfer. no HHS systems or networks were compromised, a source at the department says. the ransomware gang known as cl0p posted the names of two law firms to its leak site. cl0p has previously insisted it doesn't deliberately steal data from government organizations. tens of thousands of records could have been exposed, a source at the department says. |
| https://therecord.media/data-of-sixteen-million-exposed-moveit |
More than 16 million people and counting have had data exposed in MOVEit breaches |
more than 16 million people are known to have had their information accessed by hackers exploiting vulnerabilities in the popular file transfer software. since June 1, experts have warned of the vulnerability affecting the popular file transfer software. dozens of the biggest organizations in the u.s. and europe have since come forward to reveal that they were affected by the situation. only 11 — most of them state-level agencies like California’s pension fund or companies forced to file breach notifications — have revealed the number of people who had information accessed |
| https://www.wired.com/story/apple-google-moveit-security-patches-june-2023-critical-update |
Apple, Google, and MOVEit Just Patched Serious Security Flaws | WIRED |
Microsoft fixes 78 vulnerabilities, VMWare plugs a flaw already used in attacks, and more critical updates from June. the latest iphone update fixes security vulnerabilities in WebKit, the engine that underpins Safari, and in the kernel at the heart of the iOS system. a significant number of security bugs squashed during the month are being used in real-life attacks, so read on, take note, and patch your affected systems as soon as you can. |
| https://www.crn.com/news/security/8-tech-and-it-companies-targeted-in-the-moveit-attacks |
8 Tech And IT Companies Targeted In The MOVEit Attacks | CRN |
CRN News Companies Awards & Lists Events Industry Voices About Close Sections CRNtv Editors Kyle Alspach Steve Burke CJ Fairfield Jennifer Follett Mark Haranas David Harris O'Ryan Johnson Joseph F. Kovar Dylan Martin Wade Tyler Millward Gina Narcisi Rick Whiting Meet the Editors Calendars Editorial High Tech Events TCC Events Connect with CRN CRN Magazine Notify me about CRN Awards Subscribe to CRN Magazine Subscribe to CRN Newsletter Licensing C |
| https://www.chicagobusiness.com/technology/illinois-discloses-details-cl0ps-moveit-cyberattack |
Illinois discloses details cl0p's MOVEit cyberattack | Crain's Chicago Business |
cl0p cyberattack on Illinois hits 390,000 people. crain's daily gist podcast airlines & airports Arts & Entertainment Cannabis Consumer Products Economy Education Finance & Banking Health Care Insurance Law Manufacturing & Logistics Marketing & Media Nonprofits & Philanthropy Politics Real estate Restaurants Retail Small Business Sports Technology Transportation Utilities Workplace Real estate Commercial real estate Residential real estate before it hits the market. |
| https://techcrunch.com/2023/06/30/tiaa-teachers-retirement-fund-moveit/ |
Schools say US teachers' retirement fund was breached by MOVEit hackers | TechCrunch |
schools say teachers' retirement fund was breached by hackers. TIAA, a nonprofit that provides financial services for individuals in academic fields, has been caught up in the mass-hacks targeting MOVEit file transfer tools. the mass-hack has so far claimed more than 160 victims, according to emsisoft threat analyst. only 12 of these victims have confirmed the number of people affected, which already adds up to more than 16 million individuals. |
| https://www.scmagazine.com/analysis/third-party-risk/moveit-hackers-may-have-found-simpler-business-model-beyond-ransomware |
MOVEit hackers may have found simpler business model beyond ransomware | SC Media |
hacker group Cl0p exploited a zero-day vulnerability in popular file-transfer program. it's the third time it has simply demanded payment not to release data. experts warn we should expect to see additional attacks targeting file-transfer software. "it's kind of a new business model for them," says researcher who found zero-day exploit. extortion group's success could breed copycats in the ransomware world. |
| https://techmonitor.ai/technology/cybersecurity/siemens-energy-and-schneider-electric-victims-of-moveit-supply-chain-attack |
Siemens and Schneider victims of MOVEit supply chain attack |
Siemens Energy and Schneider Electric join growing list of apparent victims of the MOVEit Transfer vulnerability. the energy technology business spun out from german manufacturing giant Siemens, has confirmed it has been breached. french engineering company Schneider Electric, is investigating after its name was posted on ransomware gang Cl0p’s dark web blog. a spokesperson for Siemens Energy, which reported revenue of €32bn last year, said it has been impacted by what it describes as a 'global security incident' |
| https://www.reuters.com/world/us/us-health-department-law-firms-reportedly-latest-hit-wide-ranging-hack-2023-06-28/ |
US health department, law firms latest hit in wide-ranging hack | Reuters |
the hack centered on a piece of software called MOVEit Transfer. no HHS systems or networks were compromised, a source at the department says. the ransomware gang known as cl0p posted the names of two law firms to its leak site. cl0p has previously insisted it doesn't deliberately steal data from government organizations. tens of thousands of records could have been exposed, a source at the department says. |
| https://therecord.media/data-of-sixteen-million-exposed-moveit |
More than 16 million people and counting have had data exposed in MOVEit breaches |
more than 16 million people are known to have had their information accessed by hackers exploiting vulnerabilities in the popular file transfer software. since June 1, experts have warned of the vulnerability affecting the popular file transfer software. dozens of the biggest organizations in the u.s. and europe have since come forward to reveal that they were affected by the situation. only 11 — most of them state-level agencies like California’s pension fund or companies forced to file breach notifications — have revealed the number of people who had information accessed |
| https://www.wired.com/story/apple-google-moveit-security-patches-june-2023-critical-update/ |
Apple, Google, and MOVEit Just Patched Serious Security Flaws | WIRED |
Microsoft fixes 78 vulnerabilities, VMWare plugs a flaw already used in attacks, and more critical updates from June. the latest iphone update fixes security vulnerabilities in WebKit, the engine that underpins Safari, and in the kernel at the heart of the iOS system. a significant number of security bugs squashed during the month are being used in real-life attacks, so read on, take note, and patch your affected systems as soon as you can. |
| https://www.crn.com/news/security/8-tech-and-it-companies-targeted-in-the-moveit-attacks |
8 Tech And IT Companies Targeted In The MOVEit Attacks | CRN |
CRN News Companies Awards & Lists Events Industry Voices About Close Sections CRNtv Editors Kyle Alspach Steve Burke CJ Fairfield Jennifer Follett Mark Haranas David Harris O'Ryan Johnson Joseph F. Kovar Dylan Martin Wade Tyler Millward Gina Narcisi Rick Whiting Meet the Editors Calendars Editorial High Tech Events TCC Events Connect with CRN CRN Magazine Notify me about CRN Awards Subscribe to CRN Magazine Subscribe to CRN Newsletter Licensing C |
| https://www.chicagobusiness.com/technology/illinois-discloses-details-cl0ps-moveit-cyberattack |
Illinois discloses details cl0p's MOVEit cyberattack | Crain's Chicago Business |
cl0p cyberattack on Illinois hits 390,000 people. crain's daily gist podcast airlines & airports Arts & Entertainment Cannabis Consumer Products Economy Education Finance & Banking Health Care Insurance Law Manufacturing & Logistics Marketing & Media Nonprofits & Philanthropy Politics Real estate Restaurants Retail Small Business Sports Technology Transportation Utilities Workplace Real estate Commercial real estate Residential real estate before it hits the market. |
| https://www.mandiant.com/resources/blog/zero-day-moveit-data-theft |
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft | Mandiant |
Mandiant is now part of Google Cloud. Learn more. Explore our multi-vendor XDR platform, delivering Mandiant products and integrating with a range of leading security operations technology.Mandiant SolutionsReduce exposures before adversaries act Government New!Protect national services and agencies Digital Risk ProtectionPrioritize and focus on threats that matter RansomwareIncrease resilience against multifaceted extortion Who is targeting usAssess attack surface visibility Are we preparedAnticipate threats for defense posture |
| https://www.progress.com/moveit |
MOVEit Secure Managed File Transfer Software | Progress
|
MOVEit Transfer and MOVEit Cloud Vulnerability, click for mitigation measures and patch information. GO MOVEit ® Managed File Transfer and Automation Software for the Enterprise. GO MOVEit ® Managed File Transfer and MOVEit Cloud Vulnerability, click for mitigation measures and patch information. GO MOVEit Transfer and MOVEit Cloud Vulnerability, click for mitigation measures and patch information. GO MOVEit ® Managed File Transfer and Automation Software for the Enterprise. |
| https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability |
MOVEit Transfer and MOVEit Cloud Vulnerability
|
MOVEit Transfer and MOVEit Cloud Vulnerability Status: Patched. ProgressSolutionsDigital ExperienceOptimized application delivery, security, and visibility for critical infrastructure. ProgressSolutions is a leading provider of software and services for enterprise customers. the company is headquartered in san francisco and has offices in los angeles and san antonio, california - california. |
| https://www.progress.com/ws_ftp |
WS_FTP - Secure FTP Server and Client Software - Progress
|
Progress ws_FTP is a secure file transfer server and a secure FTP client. it is designed to be flexible and scalable with your organization and end users. ws_FTP uses industry-leading security at every stage of the software's lifecycle. it is also able to provide each user with a secure FTP client, assuring both reliability and security for data sharing processes. ws_FTP is a leading provider of secure file transfer software. |
| https://www.ipswitch.com/moveit |
Managed File Transfer Software - MOVEit MFT - Ipswitch
|
MOVEit is the leading secure Managed File Transfer (MFT) software used by thousands of organizations around the world to provide complete visibility and control over file transfer activities. Whether deployed as-a-Service, in the Cloud, or on premises, MOVEit enables your organization to meet compliance standards, easily ensure the reliability of core business processes, and secure the transfer of sensitive data between partners, customers, users and systems. Whether deployed as-a-Service, in the Cloud, or on premises, MOVEit enables |
| https://techcrunch.com/2023/06/29/millions-affected-moveit-mass-hacks/ |
Millions affected by MOVEit mass-hacks as list of casualties continues to grow | TechCrunch |
there are more than 140 known victims of Clop ransomware attacks targeting a vulnerability in the MOVEit file transfer tool. this includes approximately 3.5 million Oregon driver’s license holders; roughly 6 million Louisiana residents; some 770,000 members of the California Public Employees’ Retirement System. at least seven of the known MOVEit victims are U.S. universities, and 16 are U.S. public sector organizations. the mass-hacks include U.S. educational nonprofit National Student Clearinghouse, which began notifying |
| https://en.wikipedia.org/wiki/MOVEit |
MOVEit - Wikipedia |
on 31 may 2023, Progress reported an SQL injection vulnerability in MOVEit Transfer and MOVEit Cloud (CVE-2023-34362) the vulnerability's use was widely exploited in late May 2023, but was potentially used as early as July 2021. the software has been used in the healthcare industry by companies such as Rochester Hospital[2] and Medibank, as well as thousands of IT departments in high technology, government, and financial service companies like Zellis. |
| https://en.wikipedia.org/wiki/MOVEit |
MOVEit - Wikipedia |
on 31 may 2023, Progress reported an SQL injection vulnerability in MOVEit Transfer and MOVEit Cloud (CVE-2023-34362) the vulnerability's use was widely exploited in late May 2023, but was potentially used as early as July 2021. the software has been used in the healthcare industry by companies such as Rochester Hospital[2] and Medibank, as well as thousands of IT departments in high technology, government, and financial service companies like Zellis. |
| https://moveit.ros.org/ |
MoveIt Motion Planning Framework
|
MoveIt is the most widely used software for manipulating robots. it has been used on a number of robotics projects. moveIt is available for free on github and is available for free on ios and pcs. moveIt is available for free on ios and pcs, and is available for free on ios and pcs. click here for more information about moving robots. |
| https://arstechnica.com/security/2023/06/casualties-keep-growing-in-this-months-mass-exploitation-of-moveit-0-day |
Casualties keep growing in this month’s mass exploitation of MOVEit 0-day | Ars Technica |
the dramatic fallout continues, with as many as 122 organizations now breached. to date, the hacking spree appears to have breached 122 organizations and obtained the data of roughly 15 million people. the hacks are all the result of Clop exploiting what had been a zero-day vulnerability in MOVEit, a file-transfer service that’s available in both cloud and on-premises offerings. Microsoft has tied the attacks to Clop, a Russian-speaking ransomware syndicat |
| https://www.scmagazine.com/analysis/third-party-risk/moveit-hackers-may-have-found-simpler-business-model-beyond-ransomware |
MOVEit hackers may have found simpler business model beyond ransomware | SC Media |
hacker group Cl0p exploited a zero-day vulnerability in popular file-transfer program. it's the third time it has simply demanded payment not to release data. experts warn we should expect to see additional attacks targeting file-transfer software. "it's kind of a new business model for them," says researcher who found zero-day exploit. extortion group's success could breed copycats in the ransomware world. |