Critical Zero-Day Flaw Exploited in MOVEit Transfer
A critical vulnerability has been disclosed in Progress Software's MOVEit Transfer file transfer product that could enable attackers to steal data from organizations running it.
The zero-day vulnerability, tracked as CVE-2023-34362 and disclosed by Progress on May 31, 2023, is a SQL injection flaw in the managed file transfer (MFT) product. Depending on the database engine in use, it can grant escalated privileges and unauthorized access to the MOVEit Transfer environment.
“An attacker may be able to infer information about the structure and contents of a MOVEit Transfer database, or even alter or delete database elements,” explained Zane Bond, head of product at Keeper Security.
Progress's original advisory did not mention exploitation in the wild. However, a more recent blog post by Rapid7, and Progress's updated advisory, report that the vulnerability is now being actively exploited.
“We have observed an uptick in related cases since the vulnerability was disclosed publicly on May 31, 2023; Rapid7 intelligence indicates that the threat actors leveraging [it] have exploited a wide range of organizations, particularly in North America,” reads the blog post.
As of May 31, there were approximately 2,500 publicly accessible instances of MOVEit Transfer, according to Rapid7.
The vulnerability affects all MOVEit Transfer versions released before May 31, 2023. Rapid7 warned that it is crucial to apply the fixes released by Progress promptly. Because exploitation began before the patch was available, patching alone does not evict an attacker who is already present; organizations should also review their MOVEit Transfer servers for signs of compromise.
Additionally, organizations running MOVEit Transfer with Microsoft Azure integration should immediately rotate their Azure storage account keys, since a compromised server may have exposed them.
“The MOVEit Transfer case bears a striking resemblance to a slew of SQLi attacks happening on file storage and transfer systems, the latest being QNAP devices and a high-profile attack by Clop on Fortra’s GoAnywhere file transfer software,” commented Craig Jones, vice president of security operations at Ontinue.
The security expert added that, from an application security standpoint, the vulnerability found in MOVEit Transfer serves as a reminder of the criticality of thorough input validation, robust access control and secure coding practices in safeguarding against such exploits.
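To make the class of weakness discussed above concrete, the following Python example, added here and not taken from MOVEit Transfer or from the article, contrasts a user lookup built by string concatenation with a parameterised one against a constructed SQLite table. The table and column names are invented for illustration; this article says nothing about MOVEit Transfer's actual schema or injection point. It shows how a single injectable parameter lets an attacker read other rows and the database schema itself, the kind of information disclosure Bond describes, and how binding the input as a parameter closes that path.

```python
import sqlite3

# Constructed sample database standing in for an MFT product's user table.
# The schema is invented for this example; it is not MOVEit Transfer's.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
        "password_hash TEXT, is_admin INTEGER)"
    )
    conn.executemany(
        "INSERT INTO users (username, password_hash, is_admin) VALUES (?, ?, ?)",
        [("alice", "hash-a", 1), ("bob", "hash-b", 0)],
    )
    conn.commit()
    return conn


def lookup_user_vulnerable(conn, username):
    # String concatenation: attacker-controlled text is parsed as SQL syntax.
    sql = f"SELECT username, is_admin FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_user_safe(conn, username):
    # Parameterised query: the input is bound as data, never parsed as SQL.
    return conn.execute(
        "SELECT username, is_admin FROM users WHERE username = ?", (username,)
    ).fetchall()


# Constructed payloads an attacker might supply in the username field.
TAUTOLOGY = "' OR '1'='1"                                   # returns every row
DUMP_HASHES = "' UNION SELECT username, password_hash FROM users--"
DUMP_SCHEMA = "' UNION SELECT name, sql FROM sqlite_master--"  # infer DB structure


def demonstrate():
    conn = build_db()
    return {
        "vuln_tautology": lookup_user_vulnerable(conn, TAUTOLOGY),
        "vuln_hashes": sorted(lookup_user_vulnerable(conn, DUMP_HASHES)),
        "vuln_schema": lookup_user_vulnerable(conn, DUMP_SCHEMA),
        "safe_tautology": lookup_user_safe(conn, TAUTOLOGY),
        "safe_normal": lookup_user_safe(conn, "alice"),
    }


if __name__ == "__main__":
    for name, rows in demonstrate().items():
        print(f"{name}: {rows}")
```

The UNION payloads line up with the two columns the legitimate query selects, which is why they return cleanly; the schema payload reads `sqlite_master`, SQLite's equivalent of the catalogue tables an attacker would target on other engines to learn table and column names before extracting data. The parameterised version returns no rows for any of the payloads because the whole string is compared as a literal username.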