Triple MOVEit Transfer
#news The list of companies affected by the Cl0p attack through the MOVEit software continues to grow, now with big names. The hack was confirmed by Siemens Energy, a $35 billion energy equipment maker. The company claims that neither critical data nor its business operations were affected.
Meanwhile, Siemens Energy is also active in the oil and gas industry, which adds a bit of irony to its own hack. In turn, Cl0p keeps updating its site with leaks and is in no hurry to stop. Large companies, universities, all kinds of government agencies: the list is growing, and millions of people are already affected by the leaks. With the attackers' finest hour, however, the stakes are also rising: the FBI announced a $10 million reward for information about the members of the group. And although the current geopolitical situation plays into their hands, the big guys in expensive suits will sooner or later come to an agreement, and the cases opened against the cybercriminals will not go away.
First part: Vulnerabilities
In this post, we examine three critical SQLi vulnerabilities in MOVEit Transfer that have been making a lot of noise lately.
Second part: CVE-2023-34362 vulnerability analysis
In this post, we take a look at the CVE-2023-34362 vulnerability report for MOVEit Transfer published by AttackerKB.
Third part: Attack with CVE-2023-34362
In this post, we discuss how threat actors attack using the CVE-2023-34362 exploit and deploy the LEMURLOOT web shell.
https://anonfiles.com/h6xcke0bz7/MOVEit_Transfer_2023_0_0_FullInstall_exe_7z
