The zero-day vulnerability in https://www.upguard.com/security-report/progress-software-corporation' MOVEit Transfer product is being exploited by the Clop ransomware gang and other copycat cybercriminal groups to expedite the theft of sensitive data from customer databases. The MOVEIT Transfer vulnerability (CVE-2023-35708) is a security vulnerability in MOVEit Transfer - a Managed File Transfer solution for transferring files securely between organizations. If exploited, this critical vulnerability could facilitate privileged escalation, allowing threat actors to access a MOVEit Transfer database and exfiltrate its data to their command-and-control servers.

Step Disable all HTTP and HTTPS traffic to your MOVEit Transfer environment

Now that all malicious files and accounts have been removed and patches have been applied, HTTP and HTTPS traffic can be reinstated to your MOVEit Transfer ecosystem.

Related Articles