Millions of individuals, numerous businesses, U.S. government entities, and academic institutions are targeted in a hacking campaign orchestrated by the Russia-linked ransomware group Cl0P. The attack exploits a vulnerability in the widely utilized MOVEit file transfer tools. The hackers selectively pilfer information stored exclusively within the file-transfer application at the precise moment of intrusion, refraining from broader access.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory in response to this critical situation. It is actively assisting multiple federal agencies grappling with the breach’s aftermath. Urgent action is imperative, with available patches crucial for mitigating the risks associated with the vulnerability.
The HCL BigFix Critical Emergency Response Team (CERT) is swiftly addressing this zero-day vulnerability. Leveraging the BigFix endpoint management software, they aid users in pinpointing the presence of MOVEit within their organizational infrastructure and identifying affected versions.
Organizations equipped with the BigFix CISA Known Exploited Vulnerabilities Content Pack can access the audit fixlet promptly. The BigFix Team, recognizing the severity of the threat, has also included the audit fixlet in the Updates for Windows Applications content site. Additionally, a software signature is being developed for licensed users of the BigFix Inventory, to facilitate the identification of all instances of the MOVEit tool.
Every day, BigFix, advanced endpoint management software, empowers organizations to swiftly address
vulnerabilities by providing comprehensive insights, immediate identification of potential threats, ongoing system analysis, historical reporting on software changes, validation of security policies, and rapid system recovery through operating system deployment or imaging.
Get detailed information here