AdvisoryAdvisoriesCISAAA23-158A

June 12, 2023

CL0P Ransomware Gang Exploiting CVE-2023-34362

June 12, 2023

What we know so far

On May 27, 2023, the CL0P Ransomware Gang, also known as TA505, started exploiting a newly discovered vulnerability (CVE-2023-34362) in Progress Software's MOVEit Transfer, a managed file transfer solution. By infecting internet-facing MOVEit Transfer web applications with a web shell named LEMURLOOT, the gang gained unauthorized access to the underlying MOVEit Transfer databases and stole data. TA505 is known as one of the most prolific phishing groups in recent years.

Arrow Right

Schedule a test

Our insights

Protect your endpoints

Subscribe to alerts

June 12, 2023

Insights by Prelude

This advisory is relevant if you use Progress Software’s MOVEit Transfer product. If this is you - this is a major event - as any file stored on the server, from any endpoint, is at risk. Because MOVEit Transfer is commonly run as a managed cloud service, with endpoints connecting to it for file sharing, vulnerability scanners will struggle to provide a true risk assessment. You should locate the endpoints in your environment that are interacting with MOVEit Transfer to assess your exposure.

See if you are protected against this advisory

Arrow Right

Schedule a test with Prelude

Subscribe to advisory alerts

Be immediately notified of new advisories and associated security tests

More advisories

AdvisoryAdvisoryCISAAA24-207A

July 25, 2024

North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs

AdvisoryAdvisoryCISAAA24-193A

July 11, 2024

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

AdvisoryAdvisoryCISAAA24-190A

July 9, 2024

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

See all advisories

Arrow Right
Solutions
For Detection & Response TeamsFor CISOs
Platform
DetectCrowdStrike
Company
AboutCareersBlogAdvisoriesResourcesCommunityPress
Book a Demo

©2024 Prelude Research, Inc. All rights reserved.
Prelude, its logo and other trademarks are trademarks of Prelude Research, Inc. and may not be used without permission.

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
DenyAccept

Cookies

Happening Soon: CTI to Assurance: Automating Proactive Threat Management With Prelude Detect
Save Your Seat
Arrow Right