Extreme Networks has revealed that it has fallen victim to the rapidly evolving MOVEit cyber attack. As a consequence, customers who rely on the network hardware and services provided by Extreme Networks may face the potential threat of having their data compromised by the notorious Clop (aka Cl0p) cyber extortion group.
A security flaw called CVE-2023-34262 has been discovered in MOVEit transfer, allowing attackers to exploit SQL injection vulnerabilities. The notorious cyber group known as Clop has been actively developing methods to exploit this vulnerability for a significant period.
Clop has targeted multiple file transfer products, compromising them and leveraging them against their users.
Zellis, a company specializing in HR and payroll software, has emerged as the most prominent target of Clop’s recent wave of attacks.
Zellis, a company specializing in HR and payroll software, has emerged as the most prominent target of Clop’s recent wave of attacks.
Following the detection of suspicious activity related to
the CVE-2023-34262 exploit chain, LeMagIT, reached out to Extreme Networks on Tuesday, June 6th. They discovered an instance of the affected managed file transfer service, MOVEit
Transfer, linked to Extreme Networks’ domain. The observed behavior of this
instance raised concerns about a potential security breach.
Philip Swain, the Chief Information Security Officer (CISO) of Extreme Networks, acknowledged that their instance of the Progress Software MOVEit Transfer tool had experienced a security breach.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: