June 17, 2023, 1:48 a.m. |

Anomali Blog www.anomali.com

Background

Multiple vulnerabilities have recently been identified in the managed file transfer (MFT) software MOVEit developed by Ipswitch, Inc. and produced by Progress Software. These include CVE-2023-34362 ^[1], CVE-2023-35036 ^[2] and CVE-2023-35708 ^[3]. These vulnerabilities allow adversaries to gain unauthorized access and escalate privileges in the environment.

MOVEit is a popular tool that is used by thousands of organizations around the world. These include organizations in the public, private, and government sectors. The transfer software can be deployed …

access adversaries anomali cve cve-2023-34362 cve-2023-35036 cve-2023-35708 cyber threat intelligence environment file file transfer ipswitch managed managed file transfer mft moveit popular privileges progress progress software software tool transfer unauthorized access vulnerabilities

More from www.anomali.com / Anomali Blog

Anomali Cyber Watch: Cadet Blizzard - New GRU APT, ChamelDoH Hard-to-Detect Linux RAT, Stealthy DoubleFinger … 10 months ago | www.anomali.com

access anomali anomali cyber watch apt +28

Are you ready for MOVEit? 10 months, 1 week ago | www.anomali.com

access adversaries anomali cve +21

Anomali Cyber Watch: Fractureiser Attempted Clipboard-Poisoning VM Escape, Asylum Ambuscade Spies as a Side Job, … 10 months, 2 weeks ago | www.anomali.com

advanced anomali anomali cyber watch asylum +31

Anomali Cyber Watch: LEMURLOOT on Exploited MOVEit Transfers, Zero-Click iOS Exploit Targeted Kaspersky, Qakbot Turns … 10 months, 3 weeks ago | www.anomali.com

adware anomali anomali cyber watch botnets +29

Anomali Cyber Watch: Shadow Force Targets Korean Servers, Volt Typhoon Abuses Built-in Tools, CosmicEnergy Tests … 10 months, 3 weeks ago | www.anomali.com

anomali anomali cyber watch china cosmicenergy +25

Anomali Cyber Watch: CloudWizard Targets Both Sides in Ukraine, Camaro Dragon Trojanized TP-Link Firmware, RA … 11 months ago | www.anomali.com

anomali anomali cyber watch apt babuk +26

Anomali Cyber Watch: Lancefly APT Adopts Alternatives to Phishing, BPFdoor Removed Hardcoded Indicators, FBI Ordered … 11 months, 1 week ago | www.anomali.com

anomali anomali cyber watch apt backdoors +22

Anomali Cyber Watch: Custom Virtual Environment Hides FluHorse, BabyShark Evolved into ReconShark, Fleckpe-Infected Apps Add … 11 months, 2 weeks ago | www.anomali.com

anomali anomali cyber watch apps apt +21

Anomali Cyber Watch: APT37 Adopts LNK Files, Charming Kitten Uses BellaCiao Implant-Dropper, ViperSoftX Infostealer Unique … 11 months, 3 weeks ago | www.anomali.com

anomali anomali cyber watch apt apt37 +25

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client

View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote

View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States

View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States

View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA

View on infosec-jobs.com