On Thursday 25 May 2023, Progress Software — an American vendor most people had never heard of — published an advisory titled "CVE-2023-34362: Critical SQL injection in MOVEit Transfer". It was a dull Friday afternoon notification, of the kind that CISOs see dozens of every week and most push to Monday morning. That Friday evening and the weekend that followed, while most American and European IT departments were drinking beer and barbecuing, strange things began happening in SOCs around the world.
MOVEit and the door already open
Premium member benefits
Enjoyed this essay? There are more where it came from.
Members get the complete premium library — templates, runbooks, threat briefings and long-form essays — plus one free premium assessment every month.