Cadence Bank has agreed to a $5.25M settlement tied to the MOVEit data breach.

Eligible individuals may claim compensation for fraud losses, expenses, or opt for a cash payment and credit monitoring.

https://www.technadu.com/cadence-bank-reaches-5-25-million-moveit-data-breach-settlement-with-claims-up-to-10000/623075/

#Cybersecurity #DataBreach #MOVEit #Infosec

🚨 Would this get past your patching process?

CVE-2023-34362 (MOVEit Transfer)

A single SQL injection flaw

The scary part wasn’t the exploit.
It was how many fully patched orgs still got hit.
📘 Full CVE details & attack chain:
https://cvedatabase.com/cve/CVE-2023-34362
#MOVEit #DataBreach #CVE

#GetTheFuckUp #MoveIt

https://youtu.be/8VYZctI4eGY?si=4A556XDtkw1p1d95

Good strong workout today.
3 rounds, 310# on the sled,
Sled push, 40 ft
Sled pull, 40 ft
45# farmer carry , 80 ft

Usual drom.

#moveit #workouts

Is using std::move in C++ a real optimisation compared to just passing something by const reference and copying? Seems like it should be a tiny one, but it looks so scary.

I'm not sure if I like to move it, move it.

#c++ #c++ #moveit

Holiday Horror Stories: Why Hackers Love Long Weekends!

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin break down real-life cyberattacks that hit during holiday weekends, including the infamous Kaseya ransomware attack and the MOVEit data breach.

You’ll hear:
• Why 91% of ransomware attacks happen outside business hours
• How hackers strategically time attacks around holidays—when your staff is least prepared
• Lessons from Krispy Kreme, Target, and even the Bank of Bangladesh
• Practical takeaways to harden your defenses before the next long weekend

📽️ Watch the video: https://youtu.be/pCuYx9nPXgk
🎧 Listen to the podcast: https://www.chatcyberside.com/e/cyber-attacks-on-holiday-weekends-a-growing-threat/

Plan ahead. Patch before you relax, and test your holiday response plan. Contact us if you need help with testing, policy development, or training.

#Cybersecurity #Ransomware #IncidentResponse #HolidayCyberAttacks #InfoSec #CybersideChats #LMGSecurity #CISO #RiskManagement #Kaseya #MOVEit #CyberThreats #Cyberaware #Cyber

New mass scanning activity may be the first step in another MOVEit attack.

Hackers are actively scanning the internet for exposed MOVEit systems—hundreds of unique IPs every day—suggesting the early stages of coordinated exploitation.

Threat intel firm GreyNoise warns this is the same pattern seen weeks before past mass attacks. Known MOVEit vulnerabilities, such as CVE-2023-34362 and CVE-2023-36934, are already being tested in the wild.

If your MOVEit Transfer instance is online and unmonitored, you may already be on an attacker’s target list.

Now’s the time to:
• Patch all known MOVEit vulnerabilities
• Limit public-facing access
• Monitor for scan activity and open ports
• Block IPs identified by threat intelligence feeds
• Harden file transfer environments and deploy honeypots if needed

Scanning isn’t random—it’s reconnaissance. Act now before scanning turns into breach.

Read the article for details: https://www.cuinfosecurity.com/scans-probing-for-moveit-systems-may-be-precursor-to-attacks-a-28832

#MOVEit #Cybersecurity #MassScanning #ThreatIntel #AttackSurface #LMGSecurity #Infosec #ITsecurity #databreach #CISO #DFIR #pentesting #pentest #penetrationtesting

Don't procrastinate if you were affected:

Citizens whose SSN was compromised in the MOVEit breach at the National Student Clearinghouse (NSC) have until May 26, 2025, to file a claim to be part of the $9.95 million class action settlement.

Eligible individuals are those whose Social Security number was included in the files affected by the MOVEit security incident between May 28 and May 31, 2023. See more details and access the claim form at the official settlement website: https://nscsettlement.com/

#databreach #EduSec #MOVEit #Clop