⚠️ Critical: Unauthenticated attackers can extract plain-text creds from vulnerable Progress Sitefinity web services, exp
#credentialexposure #cve #cybersecurity #insightvulnerability #iso27001 #progresssoftware #sitefinityvulnerability
Progress Warns of MOVEit Automation Authentication Bypass Flaw
Progress Software has patched a critical authentication-bypass flaw in its MOVEit Automation product, and is strongly urging users to upgrade to the latest version to avoid low-complexity attacks by remote threat actors. Upgrading to version 2025.1.5, 2025.0.9, or 2024.1.8 and above will fix the vulnerability.
#MoveitAutomation #AuthenticationBypass #Cve20264670 #ManagedFileTransfer #ProgressSoftware
Personal Data Breached for Nearly 1 Million Medicare Enrollees
Protected health information for nearly 1 million Medicare beneficiaries may have been compromised by a 2023 “security vulnerability” in software used by a Medicare contractor in Wisconsin
#MOVEit #ProgressSoftware #Medicare #Wisconsin #healthcare #healthtech #databreach #security #cybersecurity #infosec #hackers #hacking #hacked
Between Black Hat, DEF CON and Patch Tuesday, it's a very good week to be working closely with the Cyble threat intelligence team. Here are six 9.8-severity vulnerabilities and a perfect 10 at high risk of exploits, and more.
#VulnerabilityManagement #PatchManagement #AttackSurfaceManagement #ThreatIntelligence #Security #Cybersecurity #BlackHat #BHUSA #DEFCON #PatchTuesday #SAP #Microsoft #Ivanti #AMD #Cisco #ProgressSoftware #SolarWinds
https://thecyberexpress.com/top-vulnerabilities-sap-ivanti-amd-microsoft/
“We strongly urge all #MOVEit Transfer customers”: once again, critical MOVEit vulnerabilities! (patch available…)
Hackers Accessed 632,000 Email Addresses at US Justice, Defense Departments
A Russian-speaking hacking group obtained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice as part of the sprawling MOVEit hack last summer
#russia #russian #DOJ #pentagon #military #email #cyberattack #Clop #MoveIt #ProgressSoftware #ransomware #malware #security #cybersecurity #hacked #hackers #hacking
A Russian-speaking hacking group obtained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice as part of the sprawling MOVEit hack last summer, according to a report on the wide-ranging attack obtained through a Freedom of Information Act request.
SEC is investigating MOVEit mass-hack, says Progress Software
U.S. securities regulators have opened a probe into the MOVEit mass-hack that has exposed the personal data of at least 64 million people.
Progress also said in the filing that it expects to see minimal financial impact from the MOVEit mass-hacks, despite the broad scale of the incident.
#SEC #Clop #MoveIt #ProgressSoftware #ransomware #malware #security #cybersecurity #hacked #hackers #hacking
https://techcrunch.com/2023/10/11/sec-is-investigating-moveit-mass-hack-says-progress-software/
"🚨 Critical Vulnerabilities Unearthed in WS_FTP Server by Progress Software 🚨"
Progress Software has issued a warning regarding multiple critical vulnerabilities found in its WS_FTP Server. The vulnerabilities span a range of issues including .NET deserialization, directory traversal, SQL injection, and cross-site scripting, with severity scores ranging from 5.3 (Medium) to a whopping 10.0 (Critical). The most severe among them, CVE-2023-40044 and CVE-2023-42657, could potentially allow attackers to execute remote commands on the WS_FTP Server operating system and perform unauthorized file operations respectively. Progress has rolled out patches to address these vulnerabilities, urging users to upgrade to the latest version, 8.8.2, to safeguard against exploitation.
The article is penned by Eswar on October 2, 2023, who is known for his engaging cybersecurity content. This discovery sheds light on the importance of regular security audits and timely patch management to thwart potential cyber threats. 🛡️🔐
Source: GBHackers
Tags: #CyberSecurity #Vulnerability #WS_FTP #ProgressSoftware #PatchManagement #InfoSec #CVE202340044 #CVE202342657
Multiple vulnerabilities have been discovered in Progress’s WS_FTP which include .NET deserialization, directory traversal, reflected cross-site scripting (XSS), SQL injection, stored cross-site scripting
#ProgressSoftware, the company behind the #MOVEit Transfer tool which hackers exploited to breach thousands of businesses, said its WS_FTP Server #software needs to be patched for a maximum severity bug.
#databreach #tech #cybersecurity #infosec