Anomali Cyber Watch: Fractureiser Attempted Clipboard-Poisoning VM Escape, Asylum Ambuscade Spies as a Side Job, Stealth Soldier Connected with The Eye on The Nile Campaign, and More.


The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Advanced fee fraud, Cyberespionage, Extortion, Infostealers, SQL injection, Traffic direction system, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.

Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.




Trending Cyber News and Threat Intelligence



It’s Time to Patch Your MOVEit Transfer Solution Again!



(published: June 12, 2023)



On June 9, 2023, Progress Software uncovered additional SQL injection vulnerabilities that could potentially be used by unauthenticated attackers to grab data from the MOVEit Transfer database. The company released patches/fixed versions and deployed a new patch to all MOVEit Cloud clusters to address the new vulnerabilities. The Cl0p cyber extortion gang has been actively exploiting another recently disclosed MOVEit Transfer vulnerability (CVE-2023-34362) and has targeted a variety of organizations, from small businesses to big enterprises, in a variety of sectors across the world. Aer Lingus, the BBC, Boots, British Airways, the government of Nova Scotia province (Canada), and Zellis are among the victim organizations. Kroll researchers have found evidence of similar activity occurring in April 2022 and July 2021, indicating that the attackers were testing access to organizations and grabbing information from the MOVEit Transfer servers to identify which organization they were accessing.

Analyst Comment: MOVEit Transfer 2020.0.x (12.0) or older must be upgraded to a supported version; for newer versions, apply the security patches available from Progress Software since June 10, 2023.