Researchers uncover third flaw in MOVEit file-transfer tool
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Lindsey Bailey/Axios
A third security flaw has been discovered in a highly targeted file-transfer tool, adding to vulnerable organizations' growing to-do list.
Why it matters: Russian ransomware gang Cl0p has been using security holes in file-transfer tool MOVEit to target federal agencies, state governments and corporate entities for weeks.
- Researchers have estimated that thousands of organizations are at risk of attack if they don't properly patch their systems.
Details: Progress, the developer of MOVEit, disclosed a third security vulnerability last week that affects the cloud version of the tool.
- If they exploit the vulnerability, malicious actors could gain access to MOVEit's database, steal what's there or even alter the contents. Progress responded by taking the MOVEit Cloud tool offline until a patch was available.
- On Sunday, Progress said it had "not seen any evidence" that hackers had exploited the newest vulnerability.
The big picture: The latest vulnerability discovery underscores how challenging resolving an active supply chain attack can be.
- Many organizations might not know they're affected yet, and it can take weeks to figure out how exactly the attackers broke in.
Of note: News of the third vulnerability comes as more organizations say they're responding to MOVEit-related breaches and the Cl0p ransomware gang goes into damage-control mode.
- The USDA told The Record that it may have been hit by the group.
Catch up quick: Originally, MOVEit customers were only responding to two recently discovered "zero-day" vulnerabilities — both of which could give hackers the ability to access their sensitive data and gain network access.
Be smart: Progress has released patches that organizations can apply to resolve the three vulnerabilities.
Sign up for Axios’ cybersecurity newsletter Codebook here
