My company used to use MOVEit but got rid of it in 2017 because of security concerns. Alas, our crappy outsourced HR company didn't.
My understanding of this attack is that the company
1) didn't have IP access controls to limit which machines can talk to the MOVEit manager
2) didn’t have SSL client certificates to prevent a machine from connecting without a valid certificate
Now a SQL injection really isn't good. It's not hard to protect against, both by sanitising inputs and by using prepared statements, but that's why we have defence in depth.
My company certainly does. We use Signiant to shift large files around; the API is bound to a non-routed network segment, with a client certificate proxy to reach it.
Which is what makes it even more annoying when someone decides "oh, I can save a few bob by giving our employees' private information to the lowest bidder, as the cost won't fall on my department's budget".
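An added example, not code from the post above or from MOVEit or Signiant, showing the two points the comment makes: a string-built SQL query that an injection payload turns into "return everything", the same lookup with a bound parameter, and a network allow-list check in front of the handler as the extra layer that stops the request before the query ever runs. The users table, the payload and the 10.20.0.0/24 management segment are all constructed for the demonstration.

```python
import ipaddress
import sqlite3

# Constructed sample data (not from the original post).
SEED_USERS = [
    ("alice", "alice@example.com"),
    ("bob", "bob@example.com"),
]

# Assumed management segment allowed to reach the file-transfer API.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Classic tautology payload: closes the quoted literal and appends OR '1'='1'.
PAYLOAD = "x' OR '1'='1"


def make_db():
    """Create an in-memory SQLite database seeded with the constructed users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SEED_USERS)
    conn.commit()
    return conn


def lookup_vulnerable(conn, name):
    """Builds the query by string interpolation: `name` is parsed as SQL.

    With PAYLOAD this becomes
        SELECT name, email FROM users WHERE name = 'x' OR '1'='1'
    and returns every row.
    """
    query = f"SELECT name, email FROM users WHERE name = '{name}'"
    return conn.execute(query).fetchall()


def lookup_parameterised(conn, name):
    """Prepared statement: `name` is bound as data and never parsed as SQL.

    With PAYLOAD the engine looks for a user literally called
    "x' OR '1'='1" and finds none.
    """
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


def source_allowed(client_ip):
    """Defence-in-depth layer: is the caller inside an allow-listed segment?"""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in ALLOWED_NETS)


def handle_request(conn, client_ip, name):
    """Apply the network ACL first; only then run the (safe) lookup.

    Returns None when the request is rejected at the ACL layer, so even a
    handler that still used lookup_vulnerable() would be unreachable from
    outside the allowed segment.
    """
    if not source_allowed(client_ip):
        return None
    return lookup_parameterised(conn, name)


def demo():
    """Row counts for the injection payload: (vulnerable, parameterised)."""
    conn = make_db()
    return len(lookup_vulnerable(conn, PAYLOAD)), len(lookup_parameterised(conn, PAYLOAD))


if __name__ == "__main__":
    print("rows returned (vulnerable, parameterised):", demo())
    print("request from 203.0.113.9 ->", handle_request(make_db(), "203.0.113.9", "alice"))
    print("request from 10.20.0.5  ->", handle_request(make_db(), "10.20.0.5", "alice"))
```

The parameterised query is the primary fix; the allow-list is the layer that limits the blast radius when the primary fix is missing, which is the comment's point about defence in depth.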