Massive authentication vulnerability risks compromising much of the internet

Massive authentication vulnerability risks compromising much of the internet
Pls share this post


Listen to this article
Hacker on laptop

Another day, another newly discovered exploit. But this vulnerability has the potential to be a really big problem.

This week, Progress Software announced that it had discovered two new items for the common vulnerabilities and exposures (CVE) list of the enterprise product MOVEit Transfer, a popular way for businesses to securely transfer and exchange sensitive files and data. 

This most recent MOVEit vulnerability, known as CVE-2024-5806, allows hackers to bypass authentication protocols and access the potentially sensitive information being transferred.

READ ALSO  Get lifetime access to 20TB of cloud storage for under £80

While many readers may not be familiar with Progress Software or MOVEit, this vulnerability could result in serious consequences. As Ars Technica points out, a MOVEit vulnerability affected millions of people last year. Thousands of organizations, including the US Department of Energy and Shell, were compromised. The 2023 exploit’s effects on the Canadian province of Ontario’s government birth registry alone left 3.4 million people compromised.

Currently, MOVEit is installed on as many as 2,700 networks globally. Bad actors, such as at least one ransomware gang, have already made attempts to exploit this most recent vulnerability, according to cybersecurity researchers with The Shadowserver Foundation and the security firm Censys.

READ ALSO  Workers with AI skills are getting these pay cash premiums

Progress Software has since released a patch to close the exploit, which can be found here.

Source



Pls share this post
Previous articleRussia sets its sight on the Democratic Republic of Congo
Next article
Hawk Tuah girl’s merch is already raking in lots of cash