MOVEit

New MOVEit Transfer Vulnerability Under Active Exploitation

Jun 26, 2024 by iHash Leave a Comment

Jun 26, 2024NewsroomVulnerability / Data Protection A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following … [Read more...] about New MOVEit Transfer Vulnerability Under Active Exploitation

Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software

Jul 7, 2023 by iHash Leave a Comment

Jul 07, 2023Swati KhandelwalVulnerability / Cyber Threat Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used for secure file transfer. In addition, Progress Software has patched two other high-severity vulnerabilities. The identified SQL injection vulnerability, tagged as … [Read more...] about Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software

Data Exfiltration for MOVEit Transfer Exploit

Jun 19, 2023 by iHash Leave a Comment

Summary Points Organizations around the globe continue to experience the fallout of the MOVEit Transfer exploit CVE-2023-34362 CrowdStrike incident responders have identified evidence of mass file exfiltration from the MOVEit application, as a result of the webshell activity on compromised MOVEit systems Data exfiltration activity can be identified by analyzing the MOVEit … [Read more...] about Data Exfiltration for MOVEit Transfer Exploit

MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

Jun 16, 2023 by iHash Leave a Comment

Yet more MOVEit mayhem! “Disable HTTP and HTTPS traffic to MOVEit Transfer,” says Progress Software, and the timeframe for doing so is “immediately”, no ifs, no buts. Progress Software is the maker of file-sharing software MOVEit Transfer, and the hosted MOVEit Cloud alternative that’s based on it, and this is its third warning in three weeks about hackable vulnerabilities in … [Read more...] about MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered

Jun 10, 2023 by iHash Leave a Comment

Jun 10, 2023Ravie LakshmananVulnerability / Cyber Threat Progress Software, the company behind the MOVEit Transfer application, has released patches to address brand new SQL injection vulnerabilities affecting the file transfer solution that could enable the theft of sensitive information. "Multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web … [Read more...] about New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

New MOVEit Transfer Vulnerability Under Active Exploitation

Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software

Data Exfiltration for MOVEit Transfer Exploit

MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered