%term

SafeBreach Coverage for US-CERT Alert (AA23-158A) - CVE-2023-3462 MOVEit Vulnerability

Jun 8, 2023 By Kaustubh Jagtap In SafeBreach

On June 7th, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory highlighting the recent efforts of threat actors to disseminate CL0P ransomware. The various malicious indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) being leveraged by the threat actors are listed in US-CERT Alert (AA23-158A) – CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability.

Read Post

SafeBreach

Read more about SafeBreach Coverage for US-CERT Alert (AA23-158A) - CVE-2023-3462 MOVEit Vulnerability

Clop Ransomware Likely Sitting on MOVEit Transfer Vulnerability (CVE-2023-34362) Since 2021

Jun 8, 2023 By Scott Downie In Kroll

NOTE: The MOVEit Transfer vulnerability remains under active exploitation, and Kroll experts are investigating. Expect frequent updates to the Kroll Cyber Risk blog as our team uncovers more details. On June 5, 2023, the Clop ransomware group publicly claimed responsibility for exploitation of a zero-day vulnerability in the MOVEit Transfer secure file transfer web application (CVE-2023-34362).

Read Post

Kroll

Read more about Clop Ransomware Likely Sitting on MOVEit Transfer Vulnerability (CVE-2023-34362) Since 2021

DevSecOps Lifecycle Coverage with Snyk and Dynatrace: Next Level Integrated Solution

Jun 8, 2023 By Snyk In Snyk

In this Snyk Partner Speak video, we introduce the DevSecOps Lifecycle Coverage integration with Dynatrace. Learn how this integration takes our strategic alliance to the next level!

View Video

Snyk

Read more about DevSecOps Lifecycle Coverage with Snyk and Dynatrace: Next Level Integrated Solution

Russian Investigator Detained After Taking 1,000 Bitcoin Bribe From Hackers

Jun 8, 2023 By Cybercrime Prosecution Weekly In ImmuniWeb

Read also: Multiple firms impacted in the widespread MOVEit hacking spree, a hack drains at least $35M in crypto from Atomic Wallet users, and more.

Read Post

ImmuniWeb

Read more about Russian Investigator Detained After Taking 1,000 Bitcoin Bribe From Hackers

Three Steps to Prevent a Cybersecurity Breach from MOVEit Exploit

Jun 7, 2023 By SecurityScorecard In SecurityScorecard

SecurityScorecard conducted an extensive investigation into the Zellis breach. This research revealed alarming insights about the scale and persistence of the attack. The data exfiltration was carried out in several steps: Netflow data from Zellis IP ranges indicated large outbound transfers over HTTPS, which pointed towards the presence of a web shell. Additionally, SecurityScorecard researchers detected exfiltration over SSH to known malicious IP addresses.

Read Post

SecurityScorecard

Read more about Three Steps to Prevent a Cybersecurity Breach from MOVEit Exploit

Using Insights (Snyk)

Jun 7, 2023 By Snyk In Snyk

In this video, we cover the common use cases for the Insights feature.

View Video

Snyk

Read more about Using Insights (Snyk)

MOVEit and Lose it: Exploitation and Patching Hell

Jun 7, 2023 By Cato Networks In Cato Networks

Join Bill Carter and Robin Johns as they talk about the latest and greatest Cybersecurity topics and incidents happening across our digital landscape. In this episode we explore how the BBC, British Airways, Aer Lingus and other organisations have become victim to a 'mass hack' due to an alleged vulnerability in the MOVEit secure file transfer system, as well as explore how an old iPhone vulnerability could give threat actors full access to your device, without you even opening a file or clicking a link....

View Video

Cato Networks

Read more about MOVEit and Lose it: Exploitation and Patching Hell

Outpost24 acquires external attack surface management provider Sweepatic to reduce risk exposure of internet facing assets

Jun 7, 2023 By Outpost 24 In Outpost 24

Outpost24, a leading cybersecurity risk management platform, today announced the acquisition of Sweepatic. Outpost24, a leading cybersecurity risk management platform, today announced the acquisition of Sweepatic. Based in Leuven (BE), Sweepatic is an innovative external attack surface management (EASM) platform. Gartner identified EASM as a top Security and Risk Management (SRM) trend for 2022.

Read Post

Outpost 24

Read more about Outpost24 acquires external attack surface management provider Sweepatic to reduce risk exposure of internet facing assets

Responding to the Critical MOVEit Transfer Vulnerability (CVE-2023-34362)

Jun 7, 2023 By Scott Downie In Kroll

On May 31, 2023, Kroll received multiple reports that a zero-day vulnerability in MOVEit Transfer was being actively exploited to gain access to MOVEit servers. Kroll has observed threat actors using this vulnerability to upload a web shell, exfiltrate data and initiate intrusion lifecycles. This vulnerability may also enable a threat actor to move laterally to other areas of the network.

Read Post

Kroll

Read more about Responding to the Critical MOVEit Transfer Vulnerability (CVE-2023-34362)

CTI Roundup: Microsoft Finds a macOS Bug That Lets Hackers Bypass SIP Root Restrictions

Jun 7, 2023 By Tanium In Tanium

Improved BlackCat ransomware variant strikes with lightning speed in stealthier attacks, Microsoft finds a macOS bug that lets hackers bypass SIP root restrictions, and Dark Pink hackers continue to target government and military organizations.

Read Post