Category: Moveit

At the end of May 2023, a Zero Day vulnerability was discovered by risk analysing firm Kroll and on June 7th of this year, Clop ransomware gang published on its blog that they have gained access to the servers of MOVEit software via Zellis Payroll software and urged the victims to contact via the blog post, as their email response could go at snail pace as the number of victims related to the incident was large.

Going forward, let us list out the victims who have been impacted by the attack after the hack-ers gained control of Moveit file transfer software worldwide, a business unit of Progress Software.

1.    The US Department of Energy,
2.    Shell company,
3.    First National Bankers Bank
4.    Putnam Investments
5.    Datasite
6.    Swizz Insurance company ‘OKK’
7.    Leggett & Platt
8.    Multinational firm PricewaterhouseCoppers(Pwc)
9.    Ernst & Young
10.    Health Services Ireland
11.    BBC
12.    British Airways
13.    Boots Retail
14.    Medibank
15.    Rochester Hospital
16.    GreenShield Canada
17.    Datasite
18.    National Student Clearinghouse
19.    United Healthcare Student Resources
20.    University System of Georgia
21.    German brand Heidelberg
22.    Aer Lingus
23.    Government of Nova Scatia
24.    Johns Hopkins University
25.    Ofcom
26.    Transport for London (TfL)
27.    Ernst and Young

NOTE- Microsoft has confirmed the presence of Clop ransomware suspects, linked to Russian intelligence behind the incident and reaffirmed that health organizations and financial institutions could be the next target of the notorious file encrypting malware spreading gang that is into double extortion.

The post List of victimized companies of MOVEit Cyber Attack appeared first on Cybersecurity Insiders.

After taking advantage of a security vulnerability on Moveit file transfer software produced by Progress Software, a hacker has reportedly taken control of servers on almost all US Federal Agencies. This was confirmed by Cybersecurity and Infrastructure Security Agency (CISA) which also stated that agency heads are being urged to take proper security measures before more such effects are discovered.

Shell, the US Department of Energy, Johns Hopkins University and its health subsidiary and the University System of Georgia have been hit by a cyber-attack..

Initially, Russian hackers gang Clop Ransomware was suspected to be behind the incident. But now the suspicion finger is pointing towards LockBit as a third-party investigation taken up on request of British Airways (another victim of Moveit software cyber-attack) has found the said ransomware spreading gang behind the incident.

It is unclear whether data was stolen from all victims and news is yet to be out on the ransom note.

Reports of a Twitter handle where the hacker posted data as proof have surfaced. They warned that victims who don’t respond to the ransom demands will face serious consequences like data erasure..

Meanwhile, the white house seems to have sniffed out the situation and the Biden admin has ordered for a clinical probe into the incident. After the JBS Meat Ransomware attack and the digital assault on Colonial Pipeline operational software, the latest incident on Moveit software is the next to be tagged as critical by CISA.

 

The post Almost all US Fed Agencies fell prey to Cyber Attack appeared first on Cybersecurity Insiders.

There are shocking revelations about a US Government data suck-up, historic security breaches at Windsor Castle, and the MOVEit hack causes consternation. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.