Hackers are actively exploiting a zero day vulnerability in MOVEit Transfer to steal data from Organisations. MOVEit Transfer is a managed file transfer solution that allows for secure transfer of files using protocols like SFTP, SCP an HTTP. Progress, the parent company behind MOVEit Transfer released a security advisory warning of a critical SQL injection vulnerability that allows for privilege escalation and potential unauthorised access on target systems. The vulnerability does not have a CVE assigned. There are around 2,500 exposed MOVEit Transfer servers with most of them located in the US. A number of organisations have reported being breached and having data stolen with the attacks having started over the US Memorial Day holiday, when there are fewer staff monitoring the systems.
https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023
https://www.bleepingcomputer.com/news/security/new-moveit-transfer-zero-day-mass-exploited-in-data-theft-attacks/
https://www.rapid7.com/blog/post/2023/06/01/rapid7-observed-exploitation-of-critical-moveit-transfer-vulnerability/
This segment was created for the It’s 5:05 podcast