1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Another major MOVEit flaw could be on the way - here's what we kn

    From TechnologyDaily@1337:1/100 to All on Mon Jun 30 15:15:07 2025
    Another major MOVEit flaw could be on the way - here's what we know

    Date:
    Mon, 30 Jun 2025 14:09:21 +0000

    Description:
    Hackers are increasingly scanning for MOVEit instances.

    FULL STORY ======================================================================Security
    researchers see a significant increase in IP scans for MOVEit instances This could signal a newly discovered vulnerability in the tool Most scans are coming from the US, so be on your guard

    Once bitten, twice shy the old saying goes, so when security researchers see hackers intensively scanning for MOVEit instances, its no wonder theyre sounding the alarm.

    Threat intelligence outfit GreyNoise has reported a notable surge in the number of malicious scans for systems running Progress MOVEit Secure Managed File Transfer software.

    Back in 2023, a major vulnerability was discovered in the software, which was quickly picked up by Cl0p - at the time an infamous Russian-based ransomware operation. The hackers abused the flaw to steal sensitive information on hundreds of organizations and millions of people - extorting their way to riches. Government agencies, healthcare firms, IT companies - were all affected.

    Get 55% off Incogni's Data Removal service with code TECHRADAR

    Wipe your personal data off the internet with the Incogni data removal service. Stop identity thieves
    and protect your privacy from unwanted spam and scam calls. View Deal IP volume steadily increasing

    Even though the bug was squashed and most instances patched, threat actors continued scanning the wide web for potential victims. GreyNoise says that on an ordinary day, scanning was minimal with fewer than 10 IPs a day.

    The researchers note on May 27, that number spiked to over 100 unique IPs, followed by 319 IPs on May 28.

    Since then, the daily IP volume never dropped below 200, and hovered around the 300 range. That, they believe, is evidence that someone knows something and is looking for an exploit.

    Over the last 90 days, more than 600 unique IP addresses were linked to this campaign, a number which has been steadily increasing. Most of them are in
    the United States, with notable figures coming from Germany, Japan,
    Singapore, Brazil, the Netherlands, South Korea, Hong Kong, and Indonesia.

    Managed File Transfer tools, such as MOVEit, are popular among SMBs and enterprises, as they allow for a secure and seamless way to share important and often sensitive files.

    This makes the tools a popular target, and besides Progress solution, others have been targeted as well, including GoAnywhereMFT, IBM Aspera Faspex, and others.

    Via The Hacker News You might also like MOVEit breach chaos continues, data on hundreds of thousands leaked from Nokia, Morgan Stanley Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/another-major-moveit-flaw-could-be-on-t he-way-heres-what-we-know


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)