MOVEit Transfer Exploit Connected to Ransomware Group

The recent MOVEit Transfer zero-day attacks have been linked to a known ransomware group that has exploited a critical SQL injection vulnerability to steal data from dozens of organizations. While Microsoft linked it to the Cl0p ransomware group, Mandiant attributed the attacks to UNC4857. Either update the software or, if updating is not feasible for your organization, it is recommended to disable HTTP(s) traffic to MOVEit Transfer.