November 20, 2024 at 03:58PM Finastra confirmed a cybersecurity incident involving compromised credentials on November 7, 2024, with a threat actor selling stolen data. An investigation shows no evidence of broader breaches beyond their Secure File Transfer Platform. The impact assessment is ongoing, and affected clients will be contacted directly. Finastra previously faced a ransomware … Read more
June 26, 2024 at 11:21AM A critical security flaw CVE-2024-5806 impacting Progress Software MOVEit Transfer enables attackers to bypass SFTP authentication, with exploitation attempts already reported. Researchers emphasize risks and urge immediate action, including patching and restricting server access. The flaw affects numerous systems worldwide, making prompt updates essential. CISA also disclosed a recent cybersecurity … Read more
June 26, 2024 at 06:05AM Progress Software announced patches for two critical authentication bypass vulnerabilities affecting its MOVEit Transfer file transfer software. CVE-2024-5805 and CVE-2024-5806 were identified, with the latter already targeted by exploitation attempts. The company enacted patches for both, with further mitigations for CVE-2024-5806’s third-party component vulnerability, amidst heightened security concerns. After reviewing … Read more