Fidelis Cybersecurity, a global leader in advanced cybersecurity solutions, released updates to protect customers against the MOVEit privilege escalation vulnerability (CVE-2023-35708). This vulnerability is being actively exploited in the wild and has affected multiple organizations. A successful exploit could allow threat actors to take control of affected systems.
Fidelis Cybersecurity put detections in place to protect Fidelis Network customers, and has enabled retrospective queries so customers can determine any potential impacts prior to these updates. Fidelis Network customers have automatically received those updates.
"Having retrospective analysis in place pays big dividends when dealing with zero-day vulnerabilities. Given the complexity of systems and the constantly evolving nature of threats, having adequate visibility, detection, and response capabilities enables security teams to quickly assess damage, understand system impacts, and clean up any compromised systems," said Chris Kubic, CISO at Fidelis Cybersecurity.
The Fidelis Threat Research Team is continually tracking MOVEit exploits and implementing ongoing improvements for customer defenses as new information arises.
Amol Sarwate, VP of Threat Research at Fidelis Cybersecurity stated, "We continue receiving hits from our telemetry for MOVEit, which indicates ongoing attacks. We are actively monitoring sandbox activity, external feeds, telemetry data, and the rules we have in place to help customers defend their organizations."
As organizations face an evolving threat landscape, Fidelis Cybersecurity remains at the forefront, delivering innovating solutions that help ensure customer success against sophisticated cybercrimes and nation-state threats.
About Fidelis Cybersecurity
Fidelis Cybersecurity®, the industry innovator in proactive cyber defense solutions, safeguards modern IT environments with unparalleled detection, deception, response, cloud security, and compliance capabilities. We offer full visibility across hybrid environments via deep, dynamic asset discovery, multi-faceted context, and continuous risk assessment. These features help minimize attackable surface areas, automate exposure prevention, threat detection, and incident response, and provide the context, accuracy, speed, and portability security professionals need to find and neutralize adversaries earlier in the attack lifecycle. With Fidelis Cybersecurity, organizations remain resilient through cyber-attacks and emerge stronger and more secure. Fidelis Cybersecurity is trusted by many top commercial, enterprise, and government agencies worldwide. For more information, please visit http://www.fidelissecurity.com/.