Progress Software has released a security advisory for a privilege escalation vulnerability (CVE-2023-35708) in MOVEit Transfer — a Managed File Transfer Software.
CISA has urged users and organisations to review the MOVEit Transfer advisory, follow the mitigation steps and apply the necessary updates when available.
Sergey Shykevich, Group Manager at Check Point Research, commented: “The MOVEit attack proves that 2023 is definitely becoming a year of mega events within the ransomware ecosystem. Major ransomware groups like Clop and some LockBit affiliates are not trying tactically to infect victim by victim, but instead strategising to make their operations more efficient by exploiting software that is widely used in a corporate environment. This approach, exploiting one software, allows them to infect hundreds of victims at a time.
“We’ve seen such developments not only in the instance of MOVEit, but also earlier this year with the GoAnywhere MFT attack by the same Clop group, as well as in a claim by the Lockbit group who infected an estimated 60 companies by exploiting vulnerabilities in a cloud service provider.
“After the success of these events, more ransomware groups will focus their efforts on finding vulnerabilities in widely used software, or just buying such vulnerabilities from brokers on the Dark Web. This attack pattern emphasises the importance for companies to implement a multi-layered cybersecurity strategy and to prioritise patching quickly when vulnerabilities are announced.”
Click below to share this article