August 7, 2024 at 06:42PM Progress Software’s handling of a MOVEit Transfer zero-day flaw, leading to data exposure of 95 million people, was investigated by the SEC. However, in a recent filing, the SEC’s Division of Enforcement will not recommend any enforcement action regarding the security incident. Progress Software still faces numerous class-action lawsuits despite … Read more
June 26, 2024 at 11:21AM A critical security flaw CVE-2024-5806 impacting Progress Software MOVEit Transfer enables attackers to bypass SFTP authentication, with exploitation attempts already reported. Researchers emphasize risks and urge immediate action, including patching and restricting server access. The flaw affects numerous systems worldwide, making prompt updates essential. CISA also disclosed a recent cybersecurity … Read more
June 26, 2024 at 06:05AM Progress Software announced patches for two critical authentication bypass vulnerabilities affecting its MOVEit Transfer file transfer software. CVE-2024-5805 and CVE-2024-5806 were identified, with the latter already targeted by exploitation attempts. The company enacted patches for both, with further mitigations for CVE-2024-5806’s third-party component vulnerability, amidst heightened security concerns. After reviewing … Read more