New MOVEit Vulnerability: What to Do NOW to Protect Your Organization

On May 31, 2023 Progress disclosed CVE-2023-34362, a critical (CVSS 9.8) SQL injection in MOVEit Transfer that has been exploited in the wild by the Cl0p (TA505) ransomware group for data exfiltration; CISA added it to the Known Exploited Vulnerabilities catalog and FBI/CISA published an advisory. The report provides affected versions, exploitation details, IOCs and TTPs, and vendor and Fidelis guidance to immediately patch, block HTTP/S access, and review detections.