Please turn on your JavaScript for this page to function normally.
Progress MOVEit
A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web …

patch tuesday
June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange

For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly …

Progress MOVEit
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE …

Progress MOVEit
It’s time to patch your MOVEit Transfer solution again!

Progress Software customers who use the MOVEit Transfer managed file transfer solution might not want to hear it, but they should quickly patch their on-prem installations …

Fortinet
Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997)

Fortinet has released several versions of FortiOS, the OS/firmware powering its Fortigate firewalls and other devices, without mentioning that they include a fix for …

Progress MOVEit
Cl0p announces rules for extortion negotiation after MOVEit hack

The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 …

omega
0mega ransomware gang changes tactics

A number of ransomware gangs have stopped using malware to encrypt targets’ files and have switched to a data theft/extortion approach to get paid; 0mega – a …

Progress MOVEit
MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims

The fallout of the MOVEit Transfer hack via CVE-2023-34362 by the Cl0p gang is expanding, as several UK-based companies have now confirmed that some of their data has been …

Progress MOVEit
MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: …

Progress MOVEit
MOVEit Transfer zero-day attacks: The latest info

There’s new information about the zero-day vulnerability in Progress Software’s MOVEit Transfer solution exploited by attackers and – more importantly – …

Progress MOVEit
Critical zero-day vulnerability in MOVEit Transfer exploited by attackers!

UPDATE (June 2, 2023, 05:55 a.m. ET): Check out our update on this evolving situation. A critical zero-day vulnerability in Progress Software’s enterprise managed file …

Google Drive
Threat actors can exfiltrate data from Google Drive without leaving a trace

Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools