If you’re in the IT or cybersecurity industry, you can fully appreciate how difficult last week must have been for customers racing to patch the Progress MOVEit vulnerability before hackers could exploit it. Further, you can definitely relate to how painful the news must have been on Friday when Progress disclosed that several additional SQL injection vulnerabilities had been discovered in the MOVEit file transfer service.
Well, the to-do list for those affected just got bigger.
Last week we published this blog summarizing the events surrounding the security crisis associated with the zero-day vulnerability discovered in Progress Software’s MOVEit managed file transfer application.
Today, we'll cover the latest on Progress MOVEit's zero-day vulnerability - and what risk mitigation looks like this week.
Whenever zero-day vulnerabilities are publicly disclosed, IT teams must race to determine if their organization is using the impacted product. If the vulnerable product is being used, the IT team must race to patch it as quickly as possible before threat actors find it and exploit it. It’s a stressful time for everyone involved.
Typically, once the vulnerability has been successfully patched, IT teams can stop and take a breath. In this case however, there is no rest for the weary. Why? Because those same IT teams that raced last week to patch one MOVEit vulnerability (CVE-2023-34362) – are now racing again this week to patch several more.
As of this morning, Progress Software is urging customers to perform further emergency patching due to these additional SQL injection vulnerabilities which are new and separate from the ones previously reported and patched on May 31.
It is believed that the Clop ransomware-as-a-service group is responsible for orchestrating the attacks against MOVEit instances. The new vulnerability (CVE-2023-35036), allows attackers to modify and disclose the content of the MOVEit database by submitting a crafted payload to a MOVEit Transfer application endpoint.
We don't yet know the exact magnitude of the zero-day vulnerability, but it's suspected that the volume could reach up to 3,000 internet-exposed systems as victims continue to come forward.
Given the ongoing vulnerabilities and security breaches affecting Progress Software's MOVEit, customers using the service would be wise to explore alternative service providers like Virtru for secure file transfer software. By switching to a different provider, customers can mitigate the risks associated with the vulnerabilities and ensure the safety of their sensitive data as they share files.
Virtru Secure Share offers effortless large file sharing without the dependency on on-premises servers or the hassle of manual security patches. Consistently passing third-party audits, the Virtru Platform complies with stringent standards such as FedRAMP and SOC 2, meeting military-grade encryption standards at rest and in transit. Virtru's approach to data security places control firmly in the user's hands with robust end-to-end encryption. Users can choose to host private keys wherever they prefer, while Virtru handles high-volume key exchanges and policy management.
Virtru Secure Share ensures that sharing sensitive information doesn't lead to relinquishing control. Users maintain policy and access control over files, and granular data controls help secure information, whether shared intentionally or accidentally exposed. End users can easily integrate Secure Share within their workflows, whether they’re in a Microsoft or Google house.
As IT teams scramble to patch MOVEit weaknesses, Virtru Secure Share presents a reliable, secure alternative, allowing a shift from a reactive to a proactive security posture. Connect with us today to explore enhancing file transfer security, even amidst unpredictable zero-day vulnerabilities.
Contact us to learn more about our partnership opportunities.