Essential Insights on MOVEit Transfer Vulnerabilities

Federal agencies are the latest target of a global cyberattack in which threat actors exploited a security hole in the file-transfer program by Progress, MOVEit, to steal data and demand ransom payments.

CISA (Cybersecurity & Infrastructure Security Agency) confirmed that they are supporting federal agencies that have been affected, including the Department of Energy. Additionally, Reuters verified that the threat actors responsible for the breach are a part of a Russian-speaking ransomware group, CLOP, who have claimed credit for similar attacks in the past.

The vulnerabilities were discovered at the end of May and the company launched an investigation into the attacks, along with alerting customers. Progress released new patch updates to their transfer software and cloud following the announcement. The company also reported that they are currently working with third-party cybersecurity experts to conduct further detailed code reviews as an added layer of protection for their customers.

Was your organization a target of these attacks?

We know that cyberattacks can be extremely stressful, especially when you are not sure if your organization is vulnerable. The experts at Entara are at the ready to support your organization, identify your risk level, and respond to the security incident, if needed.

Our team has spent over 100,000 hours executing best-in-class incident response work, including eradicating threats, getting organizations up and running as quickly as possible after a breach, and providing post-breach hardening services to make organizations more resilient to threats in the future.

Contact us to learn more about how we can support your cybersecurity needs through solutions such as security assessments, incident response retainers, or vCISO advisory services.

Scroll to Top