Tag: moveIT
-
moveIT a series of breaches, all enabled by APIs FireTail Blog
Nov 11, 2025 – Jeremy Snyder – In mid-2023, a software vulnerability was discovered in a file transfer application known as moveIT. Because of the application’s popularity, numerous companies and organizations have found themselves vulnerable to the breach. This blog post will attempt to explain the vulnerability, map out the kill chain (also sometimes called…
-
moveIT a series of breaches, all enabled by APIs FireTail Blog
Nov 11, 2025 – Jeremy Snyder – In mid-2023, a software vulnerability was discovered in a file transfer application known as moveIT. Because of the application’s popularity, numerous companies and organizations have found themselves vulnerable to the breach. This blog post will attempt to explain the vulnerability, map out the kill chain (also sometimes called…
-
Progress Fixes High-Severity MOVEit Transfer Vulnerability
Progress patches a MOVEit Transfer flaw letting attackers exhaust resources and cause denial-of-service without authentication. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/moveit-vulnerability-transfer-resource/
-
Progress Fixes High-Severity MOVEit Transfer Vulnerability
Progress patches a MOVEit Transfer flaw letting attackers exhaust resources and cause denial-of-service without authentication. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/moveit-vulnerability-transfer-resource/
-
Progress Releases Patch for MOVEit Transfer Resource Consumption Flaw
Progress Software has released security patches to address a high-severity vulnerability in its MOVEit Transfer platform discovered on October 29, 2025. The flaw, tracked asCVE-2025-10932, affects the AS2 module and allows attackers to consume system resources without proper restrictions. Attribute Details CVE ID CVE-2025-10932 Vulnerability Type Uncontrolled Resource Consumption (CWE-400) Affected Component Progress MOVEit Transfer…
-
Gladinet file sharing zero-day brings patched flaw back from the dead
What to do: All versions of CentreStack and Triofox file sharing servers up to and including 16.7.10368.56560 are vulnerable to CVE-2025-11371.The bad news is that Gladinet has yet to issue a patch for this, which means that for the time being the best customers can do is to apply the recommended mitigation.Luckily, according to Huntress,…
-
Cl0p-linked threat actors target Oracle E-Business Suite in extortion campaign
Execs: Don’t ‘engage rashly’: There are no common vulnerabilities and exposures (CVEs) for this attack; the issue “stems from configuration and default business logic abuse rather than a specific vulnerability,” according to Halcyon.The firm advises organizations to check if EBS portals are publicly accessible (via /OA_HTML/AppsLocalLogin.jsp#) and if so, immediately restrict exposure. It is also…
-
Nuance Agrees to Pay $8.5M to Settle MOVEit Hack Litigation
Tags: communications, data, exploit, flaw, hacker, healthcare, microsoft, moveIT, software, zero-daySettlement Is Latest Among Scores of Other MOVEit Lawsuits Still Pending. Nuance Communications, a Microsoft subsidiary, has agreed to pay $8.5 million to settle class action litigation filed after hackers exploited a zero-day flaw in Progress Software’s MOVEit file transfer software in 2023, stealing data belonging to more than a dozen of Nuance’s healthcare clients.…
-
Microsoft’s Nuance coughs up $8.5M to rid itself of MOVEit breach suit
Supply chain breach has been a major target of legal action First seen on theregister.com Jump to article: www.theregister.com/2025/08/18/nuance_lawsuit/
-
Microsoft’s Nuance coughs up $8.5M to rid itself of MOVEit breach suit
Supply chain breach has been a major target of legal action First seen on theregister.com Jump to article: www.theregister.com/2025/08/18/nuance_lawsuit/
-
Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
Experts say they don’t expect the MOVEit menace to do much about it First seen on theregister.com Jump to article: www.theregister.com/2025/07/02/cl0p_rce_vulnerability/
-
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted
Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025″, suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems.MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive…
-
MOVEit Transfer Systems Face Fresh Attack Risk Following Scanning Activity Surge
GreyNoise observed a surge in scanning activity targeting MOVEit Transfer systems since May 27, indicating the software could face renewed attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/moveit-attack-risk-scanning-surge/
-
Scans Probing for MOVEit Systems May Be Precursor to Attacks
Attackers Catalog IP Addresses With Open Ports, Seeking Exploitable Services. Someone – nobody knows who – is performing mass internet scans probing for MOVEit secure file-transfer installations, in what may be the precursor to a mass attack. Attackers regularly scan IP addresses for open ports, seeking exploitable services and devices. First seen on govinfosecurity.com Jump…
-
MOVEit Transfer Systems Hit by Wave of Attacks Using Over 100 Unique IPs
A dramatic surge in scanning and exploitation activity targeting Progress Software’s MOVEit Transfer file-sharing platform has alarmed cybersecurity researchers and enterprise defenders worldwide. Over the past 90 days, threat intelligence firm GreyNoise has detected 682 unique IP addresses targeting MOVEit Transfer systems, with the most intense activity beginning on May 27, 2025″, when scanning activity…
-
Critical infrastructure under attack: Flaws becoming weapon of choice
Tags: access, attack, authentication, breach, china, citrix, communications, control, cve, cyber, cybersecurity, dark-web, data-breach, defense, exploit, flaw, fortinet, government, group, hacker, healthcare, ibm, identity, incident, infrastructure, intelligence, iran, kev, login, mfa, monitoring, moveIT, network, ransomware, risk, service, software, strategy, supply-chain, threat, update, vpn, vulnerability, zero-dayTrade in exploit code: IBM’s X-Force found four of the 10 most mentioned common vulnerabilities and exposures (CVEs) on the dark web were linked to sophisticated threat actor groups, including nation-state intelligence agencies.”Exploit codes for these CVEs were openly traded on numerous forums, fueling a growing market for attacks against power grids, health networks, and…
-
Vor diesen Ransomware-Banden sollten Sie sich hüten
Tags: ai, cyber, cyberattack, data, data-breach, exploit, extortion, germany, group, hacker, intelligence, leak, lockbit, malware, moveIT, ransomware, service, software, strategy, threat, tool, usa, vulnerability, zero-dayRansomware-Attacken werden immer mehr. Höchste Zeit, die Schutzmaßnahmen hochzufahren.In den ersten drei Monaten des laufenden Jahres gab es einen neuen Höchststand bei den weltweit gemeldeten Ransomware-Vorfällen. Laut dem aktuellen Bericht State of Ransomware von Check Point Research (CPR) haben Hacker im ersten Quartal 2025 insgesamt 2.289 Unternehmen erpresst 126 Prozent mehr als im Vorjahreszeitraum (1.011…
-
Pennsylvania utility says MOVEit breach at vendor exposed some customer data
A Pennsylvania utility company says that basic customer data stolen from one of its vendors in 2023 was recently exposed online, but the incident did not affect its core systems. First seen on therecord.media Jump to article: therecord.media/pennsylvania-utility-says-moveit-vendor-breach-exposed-some-data
-
Texas utility firm investigating potential leak of customer data tied to 2023 MOVEit breach
A large Texas energy company confirmed it is investigating reports of stolen customer data that has been published on a cybercriminal forum after it was allegedly taken during a 2023 breach. First seen on therecord.media Jump to article: therecord.media/texas-utility-firm-investigating-potential-data-leak-moveit-breach
-
American National Insurance Company data likely stolen in MOVEit hack exposed
First seen on scworld.com Jump to article: www.scworld.com/brief/american-national-insurance-company-data-likely-stolen-in-moveit-hack-exposed
-
Impact of Unpatched Vulnerabilities in 2025
Vulnerability-based attacks are growing. Undoubtedly, these attacks are hackers’ favorite ways to gain initial access. Such attacks rose by 124% in the third quarter of 2024 compared to 2023. Furthermore, the quick shot of hackers taking advantage of the security flaw (CVE-2024-5806) in Progress MOVEit Transfer amplifies the dreadfulness of unpatched vulnerabilities. Once the vulnerability……
-
5 Things To Know On The Cleo Data Theft Attacks
The cybercriminal group Clop, previously responsible for the widely felt MOVEit data theft attacks of 2023, has reportedly claimed responsibility for the recent attacks exploiting Cleo file transfer tools. First seen on crn.com Jump to article: www.crn.com/news/security/2024/5-things-to-know-on-the-cleo-data-theft-attacks
-
Clop Ransomware Takes Responsibility for Cleo Mass Exploits
File-Transfer Software Being Exploited by One or More Groups; Vendor Pushes Patches. The ransomware group Clop is claiming credit for the mass exploitation of managed file-transfer software built by Cleo Communications, following on from the similar targeting of MOVEit file-transfer in 2023. Many large organizations rely on the MFT server software to securely transfer files.…
-
Time of Reckoning Reviewing My 2024 Cybersecurity Predictions
Tags: ai, attack, automation, awareness, breach, business, chatgpt, china, compliance, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, disinformation, election, espionage, exploit, healthcare, incident response, infrastructure, jobs, law, linkedin, malware, monitoring, moveIT, phishing, privacy, ransomware, regulation, risk, russia, service, software, supply-chain, technology, threat, tool, ukraine, update, vulnerability, warfare, zero-dayThe brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
-
MOVEit Repackaged and Recycled
The largest repackage and re-post of an old leak In November 2024, a hacker known as “Nam3L3ss” allegedly released previously undisclosed data from the MOVEit breach in May 2023. This leak consisted of millions of records, including sensitive employee and big brand corporate information, significantly escalating the breach’s impact. Digging into this story reveals that……
-
Attackers exploit zero-day RCE flaw in Cleo managed file transfer
Tags: advisory, attack, cve, edr, exploit, firewall, flaw, group, Internet, malicious, mitigation, moveIT, powershell, ransomware, rce, remote-code-execution, software, tool, update, vulnerability, vulnerability-management, windows, zero-daySecurity researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications.The impacted products include the latest versions of Cleo LexiCom, Cleo VLTrader and Cleo Harmony, with experts advising to temporarily disconnect these systems from the internet until a patch…