What we know about the MOVEit vulnerabilities and compromises

The financially-motivated Clop ransomware group has initiated an attack spree by exploiting a zero-day vulnerability in Progress Software’s MOVEit file transfer service. This has led to stealing customers’ data, affecting hundreds of organizations for around four months as per Trustwave’s report. Well-known organizations have confirmed that personal identifiable information of their employees was compromised. The Cybersecurity and Infrastructure Security Agency and FBI expect to see widespread exploitation of unpatched software services in both private and public networks.