Tuesday, June 27, 2023

Casualties keep growing in this months mass exploitation of MOVEit 0-day


Enlarge (credit: Getty Images) The dramatic fallout continues in the mass exploitation of a critical vulnerability in a widely used file-transfer program, with at least three new victims coming to light in the past few days. They include the New York City Department of Education and energy companies Schneider Electric and Siemens Electric. To date, the hacking spree appears to have breached 122 organizations and obtained the data of roughly 15 million people, based on posts the crime group has published or victim disclosures, Brett Callow, a threat analyst at the antivirus company Emsisoft, said in an interview. Microsoft has tied the attacks to Clop, a Russian-speaking ransomware syndicate. The hacks are all the result of Clop exploiting what had been a zero-day vulnerability in MOVEit, a file-transfer service that’s available in both cloud and on-premises offerings. Read 9 remaining paragraphs | Comments Reference : https://ift.tt/43uB9wO

No comments:

Post a Comment

NATO’s Emergency Plan for an Orbital Backup Internet

On 18 February 2024, a missile attack from the Houthi militants in Yemen hit the cargo ship Rubymar in the Red Sea. With the crew evacu...