MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: CVE-2023-34362. Based on information shared by Mandiant, Rapid7 and other security researchers, the attackers seem to have opportunistically targeted as many exposed organizations as possible, including US government agencies and banks. Microsoft is attributing the initial attacks to the Cl0p ransomware group (aka FIN11, or Lace Tempest – according to its new threat actor taxonomy). Mandiant … More →

The post …

0 day attackers banks cl0p compromise cve data theft don't miss enterprise exploited exposed extortion file sharing government hot stuff identification information mandiant microsoft moveit moveit transfer organizations progress progress software rapid7 researchers security security researchers software vulnerability vulnerable zero-day zero-day vulnerability