cl0p
Safeguard articles tagged "cl0p" — guides, analysis, and best practices for software supply chain and application security.
4 articles
MOVEit Transfer (CVE-2023-34362) Explained: The SQL Injection Behind the Cl0p Mass Breach
CVE-2023-34362 is a SQL injection in Progress MOVEit Transfer that let unauthenticated attackers reach the database and drop a web shell. Cl0p used it to breach thousands of organizations.
Cleo MFT CVE-2024-50623 Supply Chain Postmortem
Cleo's managed file transfer products became the next MOVEit. A postmortem on CVE-2024-50623, the Cl0p exploitation, and the file-transfer software risk class.
MOVEit Vulnerability Mass Exploitation: A Field Analysis
Inside the Cl0p ransomware gang's zero-day attack on Progress MOVEit Transfer, the CVE-2023-34362 timeline, and the supply chain lessons it exposed.
MOVEit Breach Impact Assessment: The Cl0p Campaign's Fallout
The MOVEit breach became one of the largest data theft incidents in history. Here's an assessment of the damage and what organizations should learn.