"MOVEit Transfer Zero-Day Attacks: The Latest Info"

There is new information about the zero-day vulnerability exploited by attackers in Progress Software's MOVEit Transfer solution, as well as patches and helpful instructions for customers. Progress Software has updated the security advisory and confirmed that the vulnerability is a SQL injection flaw in the MOVEit Transfer web application that could enable an unauthenticated attacker to gain unauthorized database access. The vulnerability compromises all versions of MOVEit Transfer. Researchers from Huntress, TrustedSec, and Rapid7 have analyzed the webshell/backdoor. They released YARA signatures and SIGMA rules that defenders can use to detect indicators of compromise (IoCs) and look for suspicious files. The researchers also shared additional technical information about the attacks. This article continues to discuss the MOVEit Transfer zero-day attacks.

Help Net Security reports "MOVEit Transfer Zero-Day Attacks: The Latest Info"