MOVEit secure file transfer compromised

A security advisory and advice has been issued by Progress for their popular secure file transfer software MOVEit. The flaw could give elevated privileges to threat actors to exfiltrate information that the client considers secure, without the client detecting the activity.

Progress Software Releases Security Advisory for MOVEit Transfer | CISA

and

MOVEit Transfer Critical Vulnerability (May 2023) – Progress Community

Because of the nature of what this software is used for – securely transferring sensitive data – the mitigation in the advice should be carried out immediately.

My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.

CISA also releases industrial control system advisories – if you are responsible for these types of systems you should monitor their news page:

Current Activity | CISA