MOVEit Transfer is a managed file transfer (MFT) solution developed by Ipswitch, a subsidiary of Progress Software Corporation, that allows the enterprise to securely transfer files between business partners and customers using SFTP, SCP, and HTTP-based uploads. Previously during Feb of this year, we saw a different MFT solution, Fortra GoAnywhere MFT exploited by attackers for ransomware attacks on various organizations which shows file transfer solution remain a target for ransomware attacks. To read the full Outbreak Report, go to Additional Resources section below.

May 31, 2023: Vulnerability was announced by Progress Software Corporation. June 2, 2023: CISA added CVE-2023-34362 to its Known Exploited Vulnerability catalog (KEV)

June 2, 2023: FortiGuard Labs released a Threat Signal on Progress MOVEit Transfer SQL Injection Vulnerability. June 4, 2023: Microsoft links attacks exploiting the CVE-2023-34362 MOVEit Transfer 0-day vulnerability to Lace Tempest aka Cl0p ransomware group. June7, 2023: CISA released a Cybersecurity Advisory. "Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability" June 8, 2023: FortiGuard Threat Labs released a detailed blog on CVE-2023-34362 June 9, 2023: Another SQL injection vulnerability (CVE-2023-35036) have been identified in the MOVEit Transfer web application that could allow an un-authenticated attacker to gain unauthorized access to the MOVEit Transfer database. June 15, 2023: Progress discovered a vulnerability (CVE-2023-35708) in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment. May, 2024: The University System of Georgia (USG) is sending data breach notifications to 800,000 individuals whose data was exposed in the 2023 Clop MOVEit attacks.