Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AndreaMoore
Community Manager
Community Manager
‎06-16-2023 09:18 AM
‎06-16-2023 09:18 AM

U.S. Federal Agencies, Schools, Hospitals Impacted by Global Hacking Spree

Several U.S. federal agencies were hit in a global hacking campaign that exploited a vulnerability in a widely used file-transfer software.

 

https://www.reuters.com/world/us/us-government-agencies-hit-global-cyber-attack-cnn-2023-06-15/ 




ISC2 Community Manager
Reply
2 Replies
dcontesti
Community Champion
‎06-16-2023 03:10 PM
‎06-16-2023 03:10 PM

For anyone using the MOVEit transfer system although there is no CVE for it, here is some additional information on the hack does and systems potentially affected by it.

 

https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-15June2023

 

d

 

 

 

Reply
denbesten
Community Champion
‎06-16-2023 06:26 PM
‎06-16-2023 06:26 PM

CVE-2023-35708 has now been assigned, but is still awaiting CVSS score.  Vendor response is "install the just released patch".

 

Remotely accessible SQL injection attack with risk of data exposure, data loss and privilege escalation. I am anticipating CVSS to be fairly high.   

 

 

Reply