On May 27, 2023, CISA cybersecurity advisory announced that a previously unknown SQL injection vulnerability (CVE-2023-34362) was exploited in Progress Software’s managed file transfer software, MOVEit Transfer.
Progress Software’s MOVEit vulnerability impacts on-premises and cloud-based versions of its file-transfer service. The actively exploited SQL injection vulnerability allows threat actors to escalate privileges and gain unauthorized access to customer environments.
On August 11th, the Colorado Department of Health Care Policy and Financing (HCPF) notified more than 4 million individuals that their personal healthcare data was exposed in the MOVEit breach. The files contained full names, Social Security numbers, Medicaid and Medicare ID numbers, birth dates, home addresses, demographic and income information, clinical and medical information, and health insurance information.
The MOVEit vulnerability is another example of why risk and vulnerability management are needed to protect organizations from these ongoing cyber threats. To that end, Ridge Security has developed RidgeBot® plugins that detect and exploit the MOVEit vulnerability before it can impact organizations.
RidgeBot addresses a broad spectrum of cybersecurity exposures across an organization’s digital environment, and our plugin library now includes CVE-2023-34362. The screenshots below show RidgeBot discovering the MOVEit vulnerability, its attack logs, and evidence of the MOVEit Exploit.
Figure 1: RidgeBot discovers MOVEit Vulnerability
Figure 2: RidgeBot MOVEit Attack Logs
Figure 3: Evidence of MOVEit Exploit
RidgeBot automated pentesting eradicates the threat of CVE exposures like MOVEit
Staying ahead of potential threats constantly challenges security teams in the ever-evolving cybersecurity landscape. Even the most fortified systems can have vulnerabilities that malicious actors exploit. The risk is amplified within critical industries like healthcare. This is where opportunistic cyber criminals, such as the CI0P ransomware gang, demonstrate their innovative techniques through their creation of the MOVEit hack.
RidgeBot automated penetration testing is a crucial ally for all organizations, enabling them to uncover weaknesses, vulnerabilities, and exposures lurking within their digital assets. RidgeBot automated pentesting drastically narrows the timeframes for hackers to seize opportunities – compressing them from months to hours. This is achieved by running tests when network configurations change, new applications are released, or user groups are allocated.
Ridge Security is in the business of outsmarting cybercrime
At the heart of Ridge Security’s RidgeBot automated penetration testing lies collective threat intelligence, vulnerability insights, and AI-powered decision-making. Armed with cutting-edge ethical hacking methodologies, RidgeBot simulates the actions of a genuine attacker. Unyielding in its pursuit, it identifies, exploits, and meticulously documents its findings.
RidgeBot discovers attack vectors, validates vulnerabilities, and provides actionable recommendations for remediation, all before hackers capitalize on them. RidgeBot’s continuous, automated testing empowers defenders to proactively fortify the security fabric across every facet of their digital domain. And it’s easy to use without requiring highly skilled personnel.
To learn more about how RidgeBots can harden your defenses, please click here to contact us.