According to information gathered by BleepingComputer, the Clop ransomware group has claimed responsibility for the ransomware attacks that are tied to a vulnerability in the Fortra GoAnywhere MFT secure file-sharing solution.

As we reported on February 8, Fortra released an emergency patch (7.1.2) for an actively exploited zero-day vulnerability found in the GoAnywhere MFT administrator console. GoAnywhere MFT, which stands for managed file transfer, allows businesses to manage and exchange files in a secure and compliant way. According to its website, it caters to more than 3,000 organizations, predominantly ones with over 10,000 employees and 1B USD in revenue. Some of these organizations are considered vital infrastructure, such as local governments, financial companies, healthcare organizations, energy firms, and technology manufacturers.

The day after the release of the GoAnywhere patch, the Clop ransomware gang contacted BleepingComputer and said they had used the flaw over ten days to steal data from 130 companies. At the time it was impossible to confirm this claim, but after two earlier victims, Community Health Systems (CHS) and Hatch Bank, disclosed that data was stolen in the GoAnywhere MFT attacks, the Clop leak site now shows seven new companies. At least two of them reportedly have been breached using the GoAnywhere MFT vulnerability.

The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVE of the exploited vulnerability is CVE-2023-0669, described as a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.

It is unknown whether these victims were targeted during the time that there was no patch available for the vulnerability or later. Recent scans showed that around 1,000 administrative consoles are publicly exposed to the internet. The Web Client interface, which is the one that is normally accessible from the public internet, is not susceptible to this exploit; only the administrative interface is. If your GoAnywhere MFT administration portal is exposed to the internet, you are urgently advised to download the security patch from the Product Downloads tab at the top of the GoAnywhere account page, which you will see after logging in.