"Cl0P Gang Sat on Exploit for MOVEit Flaw for Nearly 2 Years"

The Cl0p ransomware group lingered on a zero-day vulnerability it discovered in Progress Software's MOVEit Transfer file transfer application for nearly two years before beginning to exploit it. During this holding period, group members launched periodic waves of malicious activity against vulnerable systems to test their access to organizations and determine which ones to target. Kroll Threat Intelligence researchers who investigated the recent attacks discovered evidence that Cl0P actors were experimenting with exploiting the MOVEit Transfer vulnerability as early as July 2021. Kroll's examination of Microsoft Internet Information Services (IIS) logs belonging to clients impacted by the attacks uncovered evidence of the threat actors undertaking similar activity in April 2022 and twice last month. This article continues to discuss the Cl0p ransomware group sitting on a zero-day vulnerability discovered in Progress Software's MOVEit Transfer file transfer app for nearly two years. 

Dark Reading reports "Cl0P Gang Sat on Exploit for MOVEit Flaw for Nearly 2 Years"