"CISA and FBI Release Advisory on CL0P Ransomware Gang Exploiting MOVEit Vulnerability"

The Cybersecurity and Infrastructure Security Agency (CISA) and FBI have published a joint Cybersecurity Advisory (CSA) with recommended actions and mitigations to protect against and mitigate the impact of the CL0P Ransomware Gang exploiting the MOVEit vulnerability, which is tracked as CVE-2023-3436. CL0P Ransomware Gang, also known as TA505, started exploiting the previously unknown Structured Query Language (SQL) injection vulnerability in Progress Software's Managed File Transfer (MFT) solution called MOVEit Transfer in May 2023. CL0P infected Internet-facing MOVEit Transfer web applications with malware, which was then used to extract data from the underlying MOVEit Transfer databases. This article continues to discuss the joint advisory on the CL0P Ransomware Gang exploiting the MOVEit vulnerability. 

CISA reports "CISA and FBI Release Advisory on CL0P Ransomware Gang Exploiting MOVEit Vulnerability"