New MOVEit Transfer zero-day vulnerability leaked on Twitter

20 June 2023

Bloomberg BNN reports that details of a new zero-day vulnerability impacting Progress Software’s MOVEit Transfer file transfer app that had been disclosed by an ethical hacker and exploit writer to Huntress Senior Researcher John Hammond had been inadvertently exposed by the exploit writer on Twitter. Information regarding the zero-day which has been discovered following the emergence of two others, one of which has been actively exploited by the Clop ransomware operation was sought to be removed on Twitter by Hammond but has already circulated on Slack, prompting Hammond to notify Progress, which has released a fix the following day.

Source: SC Magazine

Date:

20 June 2023

Categorie(s):

NEWS

Tag(s):

MOVEit, New, Social Networks, Transfer, Twitter

Offensive Awakening: The 2024 Shift from Defensive to Proactive Security5 May 2024
End-to-end encryption may be the bane of cops, but they can’t close that Pandora’s Box5 May 2024
Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks5 May 2024
Navigating the Digital Age: AI’s Crucial Role in Cybersecurity Reinforcement5 May 2024
Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024