Jeremy Kirk (@jkirk.bsky.social) / @Jeremy_Kirk (RSS Feed) on Nostr: **RT @GossiTheDog:** #moveIT (https://nitter.moomoo.me/search?q=%23moveIT) admins who ...
**RT @GossiTheDog:**
#moveIT (https://nitter.moomoo.me/search?q=%23moveIT) admins who configured Azure API keys - rotate them. Attackers stole them.
It allows them to exfil directly from Azure without any MoveIT logs of file transfer, and the access logs Azure side are disabled by default. docs.progress.com/bundle/mov… (https://docs.progress.com/bundle/moveit-transfer-web-admin-help-2022/page/Service-Integration-Remote-File-Store-Azure-Blob-Service-Best-Practices.html)
https://nitter.moomoo.me/GossiTheDog/status/1665115443147710464#m
#moveIT (https://nitter.moomoo.me/search?q=%23moveIT) admins who configured Azure API keys - rotate them. Attackers stole them.
It allows them to exfil directly from Azure without any MoveIT logs of file transfer, and the access logs Azure side are disabled by default. docs.progress.com/bundle/mov… (https://docs.progress.com/bundle/moveit-transfer-web-admin-help-2022/page/Service-Integration-Remote-File-Store-Azure-Blob-Service-Best-Practices.html)
https://nitter.moomoo.me/GossiTheDog/status/1665115443147710464#m