MOVEit Vulnerability Investigations Uncover Additional Exfiltration Method
Jul 24, 2023
by Devon Ackerman, Steven Coffey, Josh Mitchell, Dan Cox

Josh Mitchell is a Senior Vice President and Malware Analysis and Reverse Engineering Lead in the Cyber Risk business, based in San Antonio.
Josh leverages more than a decade of experience as an information security researcher, and he is an expert at discovering and exploiting vulnerabilities, writing code to protect operating systems and programs, and reverse engineering malicious software.
Prior to joining Kroll, Josh was a Principal Cybersecurity Consultant at Nuix, handling reverse engineering and tool development. Before that, he served in the United States Air Force, where he assisted in investigations vital to national security.
Josh holds a bachelor’s degree in computer science from Park University and a master’s degree in data science from Southern Methodist University. Additionally, he is a Certified Information Systems Security Professional (CISSP), and he holds a GIAC Reverse Engineering Malware (GREM) certification.
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Kroll’s Malware Analysis and Reverse Engineering team draws from decades of private and public-sector experience, across all industries, to deliver actionable findings through in-depth technical analysis of benign and malicious code.
Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.
Our expertise allows us to identify and analyze the scope and intent of advanced persistent threats to launch a targeted and effective response.
Improve investigations and reduce your potential for litigation and fines with the strict chain-of-custody protocol our experts follow at every stage of the data collection process.
Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.
Threat intelligence are fueled by frontline incident response intel and elite analysts to effectively hunt and respond to threats.