moveit
Safeguard articles tagged "moveit" — guides, analysis, and best practices for software supply chain and application security.
7 articles
MOVEit Transfer (CVE-2023-34362) Explained: The SQL Injection Behind the Cl0p Mass Breach
CVE-2023-34362 is a SQL injection in Progress MOVEit Transfer that let unauthenticated attackers reach the database and drop a web shell. Cl0p used it to breach thousands of organizations.
Clop: Supply Chain Exploitation Tradecraft
Clop has turned supply chain exploitation into a repeatable playbook — MOVEit, GoAnywhere, Cleo. A look at the tradecraft that makes the campaign work.
Clop Ransomware and the MOVEit Campaign: Mass Exploitation at Scale
Clop's exploitation of MOVEit Transfer compromised over 2,500 organizations in one campaign, demonstrating a shift from traditional ransomware to mass vulnerability exploitation.
MOVEit Vulnerability Mass Exploitation: A Field Analysis
Inside the Cl0p ransomware gang's zero-day attack on Progress MOVEit Transfer, the CVE-2023-34362 timeline, and the supply chain lessons it exposed.
Progress MOVEit: Second Critical Vulnerability Discovered Amid Breach Fallout
While organizations were still reeling from the first MOVEit zero-day, a second critical vulnerability was found — raising questions about the product's security.
MOVEit Breach Impact Assessment: The Cl0p Campaign's Fallout
The MOVEit breach became one of the largest data theft incidents in history. Here's an assessment of the damage and what organizations should learn.
MOVEit Transfer CVE-2023-34362: The Zero-Day That Hit Thousands
The MOVEit Transfer SQL injection zero-day exploited by Cl0p ransomware gang became 2023's most impactful vulnerability. Here's the full technical analysis.