A new MOVEit vulnerability is igniting hacking attempts. Companies should patch ASAP
MOVEit, a popular file transfer platform used by thousands of companies and government entities, is once again in the news for all the wrong reasons.
MOVEit developer Progress Software earlier this week said that it had discovered a critical vulnerability in its software that, if not patched with its latest software update, could be exploited by hackers to steal data. Progress Software initially graded the vulnerability as high, but later changed it to "critical." MOVEit users who don't download a patch to fix the flaw could become victims of hackers who exploit the vulnerability and ultimately access their data.
Also: The best VPN services of 2024: Expert tested and reviewed
If this sounds familiar, that's because MOVEit users suffered from a major vulnerability in 2023 that allowed hackers to steal data from thousands of companies and government organizations. The main perpetrator of those attacks, the ransomware group Cl0p, was able to steal data from British Airways, the US Department of Energy, and more. The security hole ultimately led to hacking groups stealing data on millions of people around the globe.
Despite those attacks, MOVEit remains a heavily used platform among companies and organizations. The software helps users transfer files and data across a range of transfer protocols, including SFTP, SCP, and more. It also does so with full compliance with data privacy regulations like HIPPA, making it useful to the healthcare sector and other heavily regulated industries.
Also: The US bans Kaspersky products, citing security risks - what this means for you
It's unclear whether the latest MOVEit vulnerability will turn into a disaster like last year's hack. Progress Software this time around was quick to note that it discovered the issue and said that if users apply the patch, they'll be able to protect themselves against any exploits.
Hackers are paying attention. After Progress Software announced the vulnerability, The Shadowserver Foundation, an organization that aims to improve internet security, said that it has already seen an increase in hacking activities against MOVEit.
"Very shortly after vulnerability details were published today, we started observing Progress MOVEit Transfer CVE-2024-5806 POST /guestaccess.aspx exploit attempts," the organization said, referring to hacking attempts against the known vulnerability. "If you run MOVEit & have not patched yet - please do so now."
For consumers, there isn't much to do but hope that companies housing their data are actually updating their MOVEit installations.