Overview
Progress MOVEit Transfer is a secure file transfer solution that is used in the finance, healthcare, manufacturing sector and by I.T. services.
Progress (formerly ipswitch) has reported a critical SQL injection vulnerability in the MOVEit Transfer web application.
Progress has recommended that immediate action is taken to mitigate the possibility of unauthorised access to the MOVEit Transfer environments. There have been reports of active exploitation of this vulnerability by the Cl0p ransomware group.
Google has reported a high-severity, zero-day vulnerability in Google Chrome that is being exploited by threat-actors. Google is providing an update that consists of two security fixes.
Splunk has released updates for several products: Splunk Enterprise, Splunk Cloud, Splunk Universal Forwards, Splunk App for Stream and Splunk App for Lookup File Editing. Five vulnerabilities have been identified as being high-impact.
Recommended Action
Organisations are encouraged to review the appropriate security and advisory pages and apply any recommended updates:
Progress – Article
Google Chrome – Chrome Releases
Splunk – Security Alerts
If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.