![\"\"](\"\/\/www.iser-br.com\/Themes\/Release\/images\/responsive\/ettelecom-default.jpg\")
<\/strong>
SAN FRANCISCO: Hackers have stolen data from the systems of a number of users of the popular file transfer tool MOVEit Transfer<\/a>, U.S. security researchers said on Thursday, one day after the maker of the software disclosed that a security flaw had been discovered.
Software maker Progress Software<\/a>, after disclosing the vulnerability on Wednesday, said it could lead to potential unauthorized access into users' systems.
The managed file transfer software made by Burlington, Massachusetts-based Progress allows organizations to securely transfer files and data between business partners and customers, and according to the company is used by thousands of organizations.
Google<\/a>'s Mandiant consulting<\/a> and cybersecurity<\/a> firm Rapid7<\/a> disclosed on Thursday that they had found a number of cases in which the flaw had been exploited to steal user data.
It wasn't immediately clear how many users were impacted, but Mandiant Consulting<\/a> said it was investigating \"several\" intrusions linked to the bug.
It was not known when the flaw was discovered by hackers. A Progress Software<\/a> spokeswoman didn't immediately respond to a request for further comment.
\"Mass exploitation and broad data theft<\/a> has occurred over the past few days,\" Charles Carmakal, chief technology officer of Mandiant Consulting, said in a statement.
Such \"zero-day,\" or previously unknown, vulnerabilities in managed file transfer solutions have led to data theft<\/a>, leaks, extortion and victim shaming in the past, according to Mandiant.
\"Although Mandiant does not yet know the motivation of the threat actor, organizations should prepare for potential extortion and publication of the stolen data,\" Carmakal added.
Rapid7<\/a> said it had noticed an uptick in cases of compromise linked to the flaw since it was disclosed.
Progress, in a statement on Wednesday, outlined steps users at risk can take to mitigate the impact of the security vulnerability.
<\/body>","next_sibling":[{"msid":100690804,"title":"India Inc wants to explore if Generative AI plugins will replace or augment headcount: Microsoft","entity_type":"ARTICLE","link":"\/news\/internet\/india-inc-wants-to-explore-if-generative-ai-plugins-will-replace-or-augment-headcount-microsoft\/100690804","category_name":null,"category_name_seo":"internet"}],"related_content":[],"msid":100690929,"entity_type":"ARTICLE","title":"Hackers use flaw in popular file transfer tool to steal data, U.S. researchers say","synopsis":"Software maker Progress Software, after disclosing the vulnerability on Wednesday, said it could lead to potential unauthorized access into users' systems.","titleseo":"internet\/hackers-use-flaw-in-popular-file-transfer-tool-to-steal-data-u-s-researchers-say","status":"ACTIVE","authors":[],"Alttitle":{"minfo":""},"artag":"Reuters","artdate":"2023-06-02 08:00:09","lastupd":"2023-06-02 08:07:23","breadcrumbTags":["MOVEit Transfer","progress software","internet","data sharing","cybersecurity","Google","Rapid7","data theft","Mandiant Consulting"],"secinfo":{"seolocation":"internet\/hackers-use-flaw-in-popular-file-transfer-tool-to-steal-data-u-s-researchers-say"}}" data-authors="[" "]" data-category-name="Internet" data-category_id="17" data-date="2023-06-02" data-index="article_1">
旧金山:黑客窃取数据的系统用户数量的文件传输工具MOVEit转移美国安全研究人员周四表示,一天后软件的制造商透露,一个安全缺陷被发现。
软件制造商软件进展周三披露漏洞后,说这可能会导致潜在的未经授权的访问到用户的系统。
托管文件传输软件由伯灵顿,马萨诸塞州的进步使组织能够安全地传输文件和数据业务合作伙伴和客户之间,根据该公司使用成千上万的组织。
谷歌的Mandiant公司咨询和网络安全公司Rapid7周四透露,他们发现的病例数的缺陷已经利用窃取用户数据。
目前还不清楚有多少用户的影响,但是Mandiant公司咨询说,它正在调查“几个”入侵与错误。
还不知道当缺陷被黑客发现。一个软件进展发言人没有立即回应记者的进一步置评的请求。
“大规模开发和广泛数据失窃发生在过去的几天里,”查尔斯•Carmakal Mandiant公司首席技术官咨询,在一份声明中说。
这种“零日”,或未知的,在管理漏洞导致了文件传输解决方案数据失窃、泄漏、勒索和羞辱受害者过去,根据Mandiant公司。
“虽然Mandiant还不知道威胁的动机演员,组织应该准备的潜在敲诈勒索和出版偷来的数据,“Carmakal补充道。
Rapid7表示,它已注意到妥协的情况下增加缺陷披露以来有关。
进步,周三在一份声明中,列出用户的风险可以采取的措施来减少安全漏洞的影响。
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动