MOVEit Vulnerabilities: What You Need to Know


Extortion actors have been actively exploiting a recently patched vulnerability in MOVEit Transfer, a file-transfer application that is widely used to transmit information between organizations.

The nature of the software affected means that attackers can exploit unpatched systems to mount a supply chain attack against multiple organizations. While the original vulnerability (CVE-2023-34362) was patched on May 31, MOVEit Transfer’s developers announced on Friday (June 9) that multiple additional vulnerabilities (CVEs pending) have also been identified and patched.

Read more…
Source: Symantec