• Is MoveIT a big thing to worry about?

    Home » Forums » Newsletter and Homepage topics » Is MoveIT a big thing to worry about?


    If you’ve seen the news you may have heard about the MoveIT vulnerability. It’s a piece of software that many BIG businesses and goverments used to tr
    [See the full post at: Is MoveIT a big thing to worry about?]

    Susan Bradley Patch Lady/Prudent patcher

    4 users thanked author for this post.
    Viewing 8 reply threads
    • #2566898

      Does anyone else find it odd that a site with a security article won’t let your browser even see anything on the page unless you enable scripts to run?  :-O That’s what I see at this link: https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023

      I use NoScript to make sure that malicious scripts can’t run when I visit an unknown site.  I’m starting to see more mainstream sites that are just  a blank page if their scripts can’t run.  It seems that webmasters don’t have much security training these days.  Sure, scripts can make your pages look all fancy, but they’re also an easy way for miscreants to send out nasty stuff to every system that visits.  🙁


    • #2566905

      If the government is hacked, we are in trouble.

      On permanent hiatus {with backup and coffee}
      offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
      offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
      online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
    • #2566960

      An XKCD grapic that might describe this situation.


      5 users thanked author for this post.
    • #2566948

      The Office of Motor Vehicles got hit in Louisiana and they got everyone in the state’s info:


      2 users thanked author for this post.
    • #2567041

      If the government is hacked, we are in trouble.

      Government has been hacked.

      Millions of Americans’ personal data exposed in global hack

      Millions of people in Louisiana and Oregon have had their data compromised in the sprawling cyberattack that has also hit the US federal government, state agencies said late Thursday…

      U.S. Energy Dept gets two ransom notices as MOVEit hack claims more victims

      MOVEit Transfer and MOVEit Cloud Vulnerability

      Status: PATCHED Last Update: June 18, 2023

      ..June 18, 2023, We have not seen any evidence that the vulnerability reported on June 15 has been exploited. Taking MOVEit Cloud offline for maintenance was a defensive measure to protect our customers and not done in response to any malicious activity. Because the new vulnerability we reported on June 15 had been publicly posted online, it was important that we take immediate action out of an abundance of caution to quickly patch the vulnerability and disable MOVEit Cloud…

    • #2567051

      I froze my credit on the big three credit bureaus, Experian, Equifax, and TransUnion in 2017 after the Equifax data breach.


      I check my credit rating every month. If it starts to decline, there could be an I.D. theft problem. Every year the I check big three credit bureaus to make my credit reports are still frozen.

      Two years after the Equifax data breach, I got a CP01E notice from the IRS that someone had used my social security number to get a job i.e. Identity Theft. The IRS flagged my social # to prevent an impact on my taxes. It was likely a migrant worker that used my SS number to get a job.


      I’ve had no issues since the 2017 Equifax breach.

      Susan is right in saying, “be ready to put a freeze on your credit and log into your bank accounts to review activity.” It’s easy to do and provides some peace of mind.

    • #2567207

      US govt offers $10 million bounty for info on Clop ransomware

      The U.S. State Department’s Rewards for Justice program announced up to a $10 million bounty yesterday for information linking the Clop ransomware attacks to a foreign government.

      “Do you have info linking CL0P Ransomware Gang or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government? Send us a tip. You could be eligible for a reward,” tweeted the Rewards for Justice Twitter account…

      This new RFJ bounty comes after the Clop ransomware conducted data-theft attacks on companies worldwide using a zero-day vulnerability in the MOVEit Transfer security file transfer platform.

      The attacks started on May 27th, over the long U.S. Memorial Day holiday, with the Clop ransomware gang claiming to have stolen data from hundreds of companies.

      This week, Clop began extorting companies by listing their names on a data leak site, promising to start leaking data if a ransom was not paid…

    • #2567264

      Just fyi – Office of Motor Vehicles in Louisiana recommends freezing credit in item #1. In item #4.  to consider registering for a ssa.gov account. Keep in mind if your credit is frozen you will be unable to register for the ssa.gov account. Must thaw your credit to be able to set up the account.

      1 user thanked author for this post.
    • #2567391

      But that includes anyone NOT you trying to do the same thing!

      I’m not totally clear on what you mean by this, but I’ll give it try.

      When your freeze your credit, you are given a unique Freeze PIN number.  Only you have it.  To unfreeze, the PIN must be entered.

      So even if someone has your SS number, they cannot sign-in to an individual credit bureau to unfreeze it.  A SS is not part the sign-in process.


      • #2567395

        It keeps other people from setting up new accounts or borrowing money using your credit rating, ie, contacting the Credit Bureaus to see if you are worthy, how much you make, how often you haven’t paid your bills, etc. The accounts can be set up with password, 2FA, notifications, PIN like any other business.

        You can still use your credit cards. For you, it’s business as usual. But you have to unfreeze if you want to create a new account or make a loan, for as long as it takes you set it up. Then refreeze.

    Viewing 8 reply threads
    Reply To: Is MoveIT a big thing to worry about?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: