MOVEit: Attempted exploitation of critical vulnerability

Progress disclosed the authentication bypass vulnerability Tuesday and ‘very shortly after’ began seeing attempted exploits, according to Shadowserver researchers.

clock • 2 min read
MOVEit: Critical vulnerability under active exploitation
Image:

MOVEit: Critical vulnerability under active exploitation

Progress disclosed a critical new vulnerability in MOVEit Transfer Tuesday and “very shortly after” began seeing attempted exploits by hackers, according to researchers at Shadowserver.

The disclosure comes just over a year after widespread attacks targeted a prior vulnerability in Progress' MOVEit file transfer tool, ultimately compromising thousands of organisations in what turn...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Progress Software fixes critical bugs in WS_FTP Server

Threats and Risks

Progress Software fixes critical bugs in WS_FTP Server

Bugs are being actively exploited, say researchers

clock 03 October 2023 • 2 min read
Clop using clearweb to publish MOVEit data

Hacking

Clop using clearweb to publish MOVEit data

Data is freely available for all to view

clock 24 July 2023 • 3 min read
Criminals breach Dublin airport staff data

Hacking

Criminals breach Dublin airport staff data

Airport blames Russia's Cl0p gang

clock 04 July 2023 • 3 min read
Most read
01

UK and allies reveal methodology of Russian GRU threat actor Unit 29155

06 September 2024 • 2 min read
02

Asian Tech Roundup: India threatens Wikipedia

06 September 2024 • 4 min read
03

School introduces UK's first 'teacherless' AI classroom

02 September 2024 • 4 min read
04

Veeam patches critical flaws, urges users to update

06 September 2024 • 2 min read
05

Nationwide and Red Hat partner to scale integration platform

06 September 2024 • 2 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

Get the newsletter

More on Threats and Risks

UK and allies reveal methodology of Russian GRU threat actor Unit 29155
Threats and Risks

UK and allies reveal methodology of Russian GRU threat actor Unit 29155

Group has targeted organisations including governments and critical infrastructure providers for espionage purposes

John Leonard
John Leonard
clock 06 September 2024 • 2 min read
Veeam patches critical flaws, urges users to update
Threats and Risks

Veeam patches critical flaws, urges users to update

The most concerning glitch affects VBR software

Dev Kundaliya
clock 06 September 2024 • 2 min read
Researchers ID security risks in GenAI development platforms
Threats and Risks

Researchers ID security risks in GenAI development platforms

Exposes sensitive company data

Dev Kundaliya
clock 29 August 2024 • 2 min read