The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: CVE-2023-34362. Based on information shared by Mandiant, Rapid7 and other security researchers, the attackers seem to have opportunistically targeted as many exposed organizations as possible, including US government agencies and banks. Microsoft is attributing the initial attacks to the Cl0p ransomware group (aka FIN11, or Lace Tempest – according to its new threat actor taxonomy). Mandiant … More
The post MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362) appeared first on Help Net Security.