Quotidien Shaarli

Multiple Unauthenticated SQL Injection Issues & Security Filter Bypass – CVE-2023-34133 Title: Multiple Unauthenticated SQL Injection Issues & Security Filter Bypass Risk: 9.8 (Critic…

This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same infrastructure throughout these operations.

• Compromised credentials are a gift that keeps on giving (your stuff away)
• MFA is your mature, sensible friend
• Dwell time is sinking faster than RMS Titanic
• Criminals don’t take time off; neither can you*
• Active Directory servers: The ultimate attacker tool
• RDP: High time to decline the risk
• Missing telemetry just makes things harder

The supply-chain cyberattack that targeted Progress Software’s MOVEit Transfer application has compromised over 963 private and public-sector organizations worldwide. The ransomware group, Cl0p, launched this attack campaign over Memorial Day weekend.

Some higher-profile victims of the hack include Maximus, Deloitte, TIAA, Ernst & Young, Shell, Deutsche Bank, PricewaterhouseCoopers, Sony, Siemens, BBC, British Airways, the U.S. Department of Energy, the U.S. Department of Agriculture, the Louisiana Office of Motor Vehicles, the Colorado Department of Health Care Policy and Financing, and other U.S. government agencies. Thus far, the personal data of over 58 million people is believed to have been exposed in this exploit campaign.