Regulator, insurers and customers all coming for Progress after MOVEit breach

October 15, 2023 at 11:00PM

The US Securities and Exchange Commission (SEC) is investigating Progress Software’s MOVEit file transfer software following a data breach. Progress admitted to receiving a subpoena from the SEC and stated that it is facing multiple class-action lawsuits and other litigation over the breach. Progress also disclosed that it has received letters from customers claiming financial losses and is being investigated by data privacy regulators and law enforcement agencies. In addition, vulnerabilities in Fortinet’s security products and various industrial control systems have been identified, with patches available for some of the issues. The US Cybersecurity and Infrastructure Security Agency has expanded its resources for preventing ransomware infections, including a catalog of known exploited vulnerabilities and a list of misconfigurations and weaknesses commonly used in ransomware campaigns. Lastly, over 17,000 WordPress websites have been affected by a cross-site scripting vulnerability in a plugin used by tagDiv, a premium theme maker. Injection attacks on websites can be used to steal personal information and credentials.

Key takeaways from the article:

1. Progress Software is facing investigations and litigation due to the exploitation of bugs in its MOVEit file transfer software. The US Securities and Exchange Commission (SEC) is investigating the matter, and multiple parties are seeking compensation.

2. Progress admitted to receiving a subpoena from the SEC, but stated that the investigation does not mean that they have violated securities laws. They intend to fully cooperate with the investigation.

3. Progress is facing 58 class-action lawsuits and formal letters from 23 MOVEit customers seeking indemnification. They are also facing a subrogation claim from an insurer.

4. Progress is cooperating with inquiries from domestic and foreign data privacy regulators, state attorneys general, and an unnamed federal law enforcement agency.

5. Another Progress file transfer app, WS_FTP, has also been found to have exploitable vulnerabilities, but it received minimal mention in the SEC filing. Progress has patched the issues and acknowledged active exploitation.

6. Fortinet released security updates for FortiSIEM, FortiManager, and FortiAnalyzer, addressing critical vulnerabilities such as privilege escalation.

7. The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new initiatives to its Ransomware Vulnerability Warning Pilot program. One is a new column in the Known Exploited Vulnerabilities catalog that indicates if an exploited weakness is used in ransomware campaigns. The second is a list of Misconfigurations and Weaknesses Known to be Used in Ransomware Campaigns.
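To show how a defender would act on the new ransomware indicator in the KEV catalog, here is an added example (not code from the article or from CISA) that parses a KEV-shaped JSON feed and sorts entries by priority: ransomware-linked first, then overdue remediation deadlines. The sample feed is constructed, the CVE identifiers in it are placeholders, and the field name `knownRansomwareCampaignUse` is an assumption about the feed schema; check it against the real catalog before relying on it.

```python
import json
from datetime import date

# Constructed sample in the shape of the CISA KEV JSON feed. The CVE IDs are
# placeholders, not real entries, and the "knownRansomwareCampaignUse" field
# name is an assumption about the feed schema.
SAMPLE_KEV_JSON = json.dumps({
    "title": "Known Exploited Vulnerabilities (constructed sample)",
    "vulnerabilities": [
        {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVendor",
         "product": "File Transfer Server", "dateAdded": "2023-06-01",
         "dueDate": "2023-06-22", "knownRansomwareCampaignUse": "Known"},
        {"cveID": "CVE-0000-0002", "vendorProject": "ExampleVendor",
         "product": "Firewall Manager", "dateAdded": "2023-06-10",
         "dueDate": "2023-07-01", "knownRansomwareCampaignUse": "Unknown"},
        # Older entry that predates the new column: the field is absent.
        {"cveID": "CVE-0000-0003", "vendorProject": "ExampleVendor",
         "product": "CMS Plugin", "dateAdded": "2023-05-15",
         "dueDate": "2023-08-01"},
    ],
})

RANSOMWARE_FIELD = "knownRansomwareCampaignUse"  # assumed field name


def parse_kev(feed_text):
    """Return the list of vulnerability records from a KEV-shaped JSON document."""
    doc = json.loads(feed_text)
    return list(doc.get("vulnerabilities", []))


def is_ransomware_linked(entry):
    """True when the catalog flags the entry as used in ransomware campaigns.
    A missing or unexpected value is treated as not known, never as known."""
    return str(entry.get(RANSOMWARE_FIELD, "")).strip().lower() == "known"


def is_overdue(entry, today):
    """True when the catalog's remediation due date has already passed."""
    return date.fromisoformat(entry["dueDate"]) < today


def prioritize(entries, today):
    """Sort entries for remediation: ransomware-linked first, then overdue,
    then by due date. Returns the ordered list of CVE IDs."""
    def sort_key(entry):
        return (
            0 if is_ransomware_linked(entry) else 1,
            0 if is_overdue(entry, today) else 1,
            entry["dueDate"],
        )
    return [e["cveID"] for e in sorted(entries, key=sort_key)]


def ransomware_linked_ids(entries):
    """CVE IDs the catalog marks as used in ransomware campaigns."""
    return sorted(e["cveID"] for e in entries if is_ransomware_linked(e))


if __name__ == "__main__":
    records = parse_kev(SAMPLE_KEV_JSON)
    print("ransomware-linked:", ransomware_linked_ids(records))
    print("remediation order:", prioritize(records, date(2023, 7, 15)))
```

The ordering keeps the catalog's own due dates as the tie-breaker, so the new ransomware column raises priority without hiding an overdue entry that lacks the flag.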

8. Over 17,000 WordPress websites were affected by a cross-site scripting vulnerability in a Composer plugin used by tagDiv, a WordPress premium theme maker. The vulnerability allowed attackers to inject malicious code into websites.
