An attack exploiting CVE-2023-34362, a zero-day vulnerability in the MOVEit file transfer software, was disclosed at the start of June, with additional victims still being uncovered. The vulnerability is an SQL injection vulnerability that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. The attack was carried out by at least one threat who gained unauthorized access to the software and stole sensitive data from affected organizations.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. The Cl0p attack is all over the news here in the UK. Looks pretty dreadful for all those concerned…

Today, Fireblocks integrates with Metamask Institutional to provide the best wallet security, portfolio management, and DeFi access for institutional investors and traders. Fireblocks users will now be able to access MMI’s extensive suite of portfolio management solutions and DeFi access to invest, trade, lend, and borrow on over 17,000 dApps. The integration will enable Fireblocks users to monitor and manage their DeFi portfolio from a single platform.

The latest video in our Snyk Partner Speak Series showcases how Snyk and Dynatrace bring complementary capabilities to different parts of the DevSecOps lifecycle. Check it out and learn how the integration enables organizations to observe, investigate, fix, and govern with a single solution. The Snyk DevSecOps Lifecycle Coverage App is the newest milestone in the Snyk and Dynatrace strategic alliance.

Box is a content cloud that helps organizations securely manage their entire content lifecycle from anywhere in the world, powering over 67% of Fortune 500 businesses. As a cloud-first SaaS, the company provides customers with an all-in-one content solution within a highly secure infrastructure, where organizations can work on any content, from projects and contracts to Federal Risk and Authorization Management Program (FedRAMP)-related content.

On June 7th, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory highlighting the recent efforts of threat actors to disseminate CL0P ransomware. The various malicious indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) being leveraged by the threat actors are listed in US-CERT Alert (AA23-158A) – CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability.

NOTE: The MOVEit Transfer vulnerability remains under active exploitation, and Kroll experts are investigating. Expect frequent updates to the Kroll Cyber Risk blog as our team uncovers more details. On June 5, 2023, the Clop ransomware group publicly claimed responsibility for exploitation of a zero-day vulnerability in the MOVEit Transfer secure file transfer web application (CVE-2023-34362).

I recently had a chance to speak with Chris Mellor at Block and Files about the emergence of Velero as the standard for Kubernetes data protection. I shared some ballpark estimates of market share across open source and commercial vendors to make my case. These numbers were obtained through diligent market research. They are estimates, but they are not imaginary.

Harvard Pilgrim Health Care is an insurance provider that offers non-profit healthcare to residents in a variety of different states, including New Hampshire, Maine, Connecticut, and Massachusetts. The company generates more than $622 million in revenue annually and employs over 4,400 people during its regular operations. It works with millions of patients, and a mix of those patients was exposed in the recent data breach impacting that company.

Learn how the Synopsys Polaris Software Integrity Platform® offers ease-of-use for even the most complex environments. The ongoing mantra of software developers is that they’re happy to include security in their development stream—but only if it doesn’t slow them down. Because the pressure for speed in development trumps the pressure for security. So over the past decade, software security teams have focused enormous energy on achieving that speed, with automated tools and services.