Sunday, July 14, 2024

Honeywell Server Compromised by MOVEit Hackers

A flaw was discovered in Progress MOVEit Transfer, a popular third-party online transfer application. By exploiting the flaw, attackers compromised multiple organizations, including U.S. Government agencies.

Honeywell is the recent victim of MOVEit Hackers as they gained Unauthorized access to a single MOVEit server.

Multinational firm Honeywell detected data that an unauthorized third party had accessed through the MOVEit app, including some personally sensitive information. 

“Honeywell immediately launched an investigation upon learning of the vulnerability in Progress MOVEit Transfer, a third-party web transfer application used by many companies.

The investigation detected unauthorized access on a single MOVEit server”, Honeywell reports.

The company’s primary business sectors are aircraft, building technologies, performance materials and technologies (PMT), and safety and productivity solutions (SPS).

Around 97,000 workers worldwide worked for the company in 2022, down from 113,000 in 2019.

As necessary, the corporation is getting in touch with the impacted people, clients, and partners.

Unauthorized Access to Servers

“All of our systems are fully online, and this has had no impact on company operations. At this time, we do not expect that the unauthorized access on the MOVEit server we used will have a material impact on our business operations”, Honeywell said.

Additionally, the same Progress MOVEit vulnerability has affected certain Honeywell suppliers, and as a result, their data may have been affected. 

Progress MOVEIt is the top secure Managed File Transfer (MFT) software. It is used by thousands of organizations across the world to give full visibility and control over file transfer activity.

MOVEit helps to satisfy compliance requirements, effortlessly assure the reliability of key business operations, and securely transmit sensitive data among partners, clients, users, and systems whether it is installed as-a-Service, in the Cloud, or locally.

The organization assesses the issue and takes necessary action as soon as one of these vendors reports that the data has been stolen.

The business claimed that its cybersecurity safeguards prevented the damage to this server and, before resuming service, completely patched and upgraded the Progress MOVEit app as soon as the provider’s updates were available.

“Our cybersecurity defenses limited the impact to this server and we fully patched and upgraded the Progress MOVEit app as soon as the patches were made available from the provider before restoring service”, the company said.

The company mentioned that they are in touch with certain law enforcement and regulatory agencies since the inquiry is still underway.

“We will assess and respond to any impacts as part of our ongoing investigation as we receive notification from suppliers that our data has been compromised,” the company stated.

“AI-based email security measures Protect your business From Email Threats!” – .


Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles