The MOVEit hack and what it taught us about application security

The MOVEit hack differed from the classic ransomware attacks for which groups like Clop initially gained notoriety.
Emerging digital forensic analysis from the aftermath of MOVEit suggests the hackers knew about the zero-day flaw in MOVEit as far back as 2021, when they tested it covertly to see how much access they could get.
The MOVEit hack progressed from manually testing the SQL injection flaw to exploiting large numbers of organizations with it in an automated way.
The actual hack worked by exploiting the SQL injection vulnerability to install a backdoor in MOVEit that facilitated data downloads from organizations using the file transfer solution.
BBC: The world's media took swift note of the MOVEit hack when it emerged that the UK's state broadcaster was one of the victims.
Sporadic or infrequent penetration testing won't suffice to secure your network or apps from incidents like the MOVEit hack.