Head Topics

Batten down the hatches, it's time to patch some more MOVEit bugs

Canada News News

Batten down the hatches, it's time to patch some more MOVEit bugs
Canada Latest News,Canada Headlines
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 58 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 27%
  • Publisher: 61%

Exploit attempts for ‘devastating’ vulnerabilities already underway

Thought last year's MOVEit hellscape was well and truly behind you? Unlucky, buster. We're back for round two after Progress Software lifted the lid on fresh vulnerabilities affecting MOVEit Transfer and Gateway.

MOVEit Transfer was at the center of last year's breaches. It's a popular managed file transfer product used by orgs to transfer files around the company. MOVEit Gateway is a proxy service that works to make Transfer deployments safer. It allows orgs to place Gateway servers inside their demilitarized zone, allowing for Transfer to operate on the local area network only, away from the public internet.

MOVEit's hardening and privilege separation would likely hinder real-world applications of this, watchTowr said, and organizations serious about security would prohibit remote logins to highly privileged accounts. Despite not being deemed as severe by the researchers, both vulnerabilities carry the same critical severity score.

The report reads:"It is easy to imagine an attacker would use a list of usernames, perhaps from an email list, attempting the exploit with each in turn until one works."One year on, universities org admits MOVEit attack hit data of 800K people"Although this is a low bar for attackers to overcome, it will help limit the progress of automated attacks," watchTowr added.

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

TheRegister /  🏆 67. in UK

Canada Latest News, Canada Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

White House report dishes deets on all 11 major government breaches from 2023White House report dishes deets on all 11 major government breaches from 2023The MOVEit breach and ransomware weren’t kind to the Feds last year
Read more »

Michael Jackson’s guitarist lifts lid on troubled icon’s life in ‘prison’ & ‘very dark’ allegations 15yrs o...Michael Jackson’s guitarist lifts lid on troubled icon’s life in ‘prison’ & ‘very dark’ allegations 15yrs o...Michael Jackon’s guitarist Jennifer Batten
Read more »

Liberty got 'very lucky' to buy F1 from Ecclestone to exploit untapped potentialLiberty got 'very lucky' to buy F1 from Ecclestone to exploit untapped potentialLiberty Media admits it got 'lucky' to take over a Formula 1 from Bernie Ecclestone that was deliberately neglecting social media and not exploiting the full potential it offered.
Read more »

POC exploit code published for 9.8-rated Apache HugeGraph RCE flawPOC exploit code published for 9.8-rated Apache HugeGraph RCE flawYou upgraded when this was fixed in April, right? Right??
Read more »

Why England are already in must-win territory against Australia at T20 World CupWhy England are already in must-win territory against Australia at T20 World CupEngland have to exploit Australia's biggest weaknesses - including David Warner
Read more »

Anthony Joshua has 'chink in the armour' that Daniel Dubois can exploitAnthony Joshua has 'chink in the armour' that Daniel Dubois can exploitThe two Brits could battle it out for the heavyweight world championship later this year.
Read more »



Render Time: 2025-08-30 06:19:04