Action1 Corporation, a provider of the #1 risk-based patch management platform designed for work-from-anywhere enterprises, announced today the launch of a free tool designed to empower IT teams in detecting compromised MOVEit instances and defending against ransomware attacks exploiting this vulnerability.
MOVEit, a managed file transfer software developed by Progress Software, has been extensively utilized by thousands of IT departments in the financial, healthcare, and government sectors. Recently, a critical vulnerability (CVE-2023-34362) has emerged in MOVEit, enabling unauthorized access to the MOVEit Transfer’s database and the potential alteration or deletion of its elements. Exploiting this vulnerability, hackers have already impacted over 130 organizations and millions of individuals.
To help organizations mitigate the threat of MOVEit vulnerability, Action1 releases the following capabilities, free for the first 100 endpoints:
- Built-in instant “MOVEit Vulnerability Status” report. Check all endpoints for compromised instances of MOVEit Secure Managed File Transfer with exploited CVE-2023-34362 vulnerability.
- Software inventory. Gain visibility into all vulnerable instances of MOVEit within your network.
- Automated scripting and patching capabilities. Once compromised servers have been detected, users can run automated scripts to remove the compromised file from all affected servers and install the necessary patch, simplifying the process and saving time.
“What is particularly concerning is that 2,500 vulnerable MOVEit Transfer instances are exposed to the Internet, according to researchers. As a result, we might anticipate an increasing number of companies falling victim to ransomware attacks,” warns Mike Walters, VP of Vulnerability and Threat Research and co-founder of Action1.