Beware Cybercriminals Taking Advantage of Unpatched Vulnerability in Fortras GoAnywhere MFT

A recently discovered security flaw in Fortras GoAnywhere MFT managed file transfer application is being actively exploited in the wild. The vulnerability was first reported by security reporter Brian Krebs on Mastodon. It is a type of remote code injection that requires access to the administrative console of the application, so it is important that the systems are not exposed to the public internet. According to security researcher Kevin Beaumont, there are over 1,000 on-premise instances that are publicly accessible, mostly in the U.S. Fortra's advisory suggests that customers should review all administrative users and watch for any unrecognized usernames, especially those created by the system. This implies that Fortra is likely seeing follow-up attacks that involve the creation of new administrative or other users to take control of or maintain access to vulnerable target systems. The cybersecurity company said it is possible for malicious actors to exploit reused, weak, or default credentials to gain administrative access to the console. Unfortunately, there is no patch available for the zero-day vulnerability yet, although Fortra has released workarounds to remove the License Response Servlet configuration from the web. Vulnerabilities in file transfer solutions have become attractive targets for attackers, with flaws in Accellion and FileZen being used for data theft and extortion.

This Cyber News was published on thehackernews.com. Publication date: Sat, 04 Feb 2023 05:54:02 +0000


Cyber News related to Beware Cybercriminals Taking Advantage of Unpatched Vulnerability in Fortras GoAnywhere MFT

Exploit released for Fortra GoAnywhere MFT auth bypass bug - Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT software that allows attackers to create new admin users on unpatched instances via the administration portal. GoAnywhere MFT is a web-based ...
9 months ago Bleepingcomputer.com
Fortra's GoAnywhere MFT Software Faces Exploitation, No Evidence of Active Exploitation Detected - Reports on the exploitation of Fortra's GoAnywhere MFT file transfer software raised concerns due to the potential development of exploit code from a publicly released Proof of Concept. As of Thursday afternoon, there was no evidence of active ...
9 months ago Cysecurity.news
Beware Cybercriminals Taking Advantage of Unpatched Vulnerability in Fortras GoAnywhere MFT - A recently discovered security flaw in Fortras GoAnywhere MFT managed file transfer application is being actively exploited in the wild. The vulnerability was first reported by security reporter Brian Krebs on Mastodon. It is a type of remote code ...
1 year ago Thehackernews.com
Revealing a Way to Take Advantage of a Newly Discovered Security Flaw in GoAnywhere MFT - A security researcher has released proof-of-concept exploit code that can be used to perform unauthenticated remote code execution on vulnerable GoAnywhere MFT servers. GoAnywhere MFT is a web-based and managed file transfer tool designed to help ...
1 year ago Bleepingcomputer.com
Revealing a Vulnerability in GoAnywhere MFT that is Currently Being Abused - A security vulnerability in GoAnywhere MFT, a web-based and managed file transfer tool, has been actively exploited. The exploit code was released by Florian Hauser of Code White, which allows for unauthenticated remote code execution on vulnerable ...
1 year ago Bleepingcomputer.com
Emergency Fix Released for GoAnywhere MFT ZeroDay Vulnerability Being Exploited - Fortra has released an emergency patch to address a security flaw in its GoAnywhere MFT secure file transfer tool that is being actively exploited by attackers. The vulnerability allows them to gain remote code execution on vulnerable GoAnywhere MFT ...
1 year ago Bleepingcomputer.com
A Fix Released to Stop the Unauthorized Use of GoAnywhere MFT Software - Recently, a zero-day vulnerability was discovered in the GoAnywhere managed file transfer software, and news of active exploitation has been reported. Fortra, formerly known as HelpSystems, released two security notifications with mitigations and ...
1 year ago Securityweek.com
Hackers Can Gain Access to Servers Through a GoAnywhere MFT Security Flaw - GoAnywhere MFT, a secure web file transfer solution, has warned customers of a zero-day remote code execution vulnerability on exposed administrator consoles. This exploit requires access to the administrative console, which should not normally be ...
1 year ago Bleepingcomputer.com
10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
10 months ago Techtarget.com
Week in review: 15 million Trello users' scraped data on sale, attackers can steal NTLM hashes - The reality of hacking threats in connected car systemsIn this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new ...
9 months ago Helpnetsecurity.com
Alert for GoAnywhere MFT Users Potential ZeroDay Vulnerability Detected - Users of the GoAnywhere secure managed file transfer software have been warned about a potential security risk. This software, created by Fortra (formerly known as HelpSystems), is designed to help organizations securely exchange data with their ...
1 year ago Securityweek.com
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released - Proof-of-concept exploit code for a critical RCE vulnerability in Fortra FileCatalyst MFT solution has been published. Fortra FileCatalyst is an enterprise managed file transfer software solution that includes several components: FileCatalyst Direct, ...
7 months ago Helpnetsecurity.com
Cybersecurity Tips to Stay Safe this Holiday Season - Cybercriminals take advantage of this hectic time to target holiday shoppers and travelers. Their goal is to catch you off guard when or where you least expect it. If you're like me you might be doing some last-minute shopping and looking for the ...
10 months ago Cybersecurity-insiders.com
The Evolving Cybersecurity Landscape in 2024: Predictions and Preparations - As we prepare to ring in the new year, the ever-evolving cybersecurity landscape promises to bring new cyber threat actors, vulnerabilities, and weaknesses to counter. As technology evolves, so do cyber threat actors' tactics, techniques, and ...
10 months ago Securityboulevard.com
The old, not the new: Basic security issues still biggest threat to enterprises - Attacks on critical infrastructure reveal industry faux pas. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure. X-Force analysis ...
8 months ago Helpnetsecurity.com
CVE-2021-46830 - A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or ...
2 years ago
CVE-2024-25156 - ...
7 months ago
Cybercriminals Take Advantage of Weaknesses in Sunlogin to Install Sliver Command and Control System - Cybercriminals are taking advantage of known weaknesses in Sunlogin software to deploy the Sliver command-and-control framework for post-exploitation activities. This was discovered by AhnLab Security Emergency response Center, which found that ...
1 year ago Thehackernews.com
4 Tips for Safe and Secure Holiday Shopping - The holiday season is the most wonderful time of the year for experienced and novice cybercriminals alike looking to make a quick payday. Although threat actors are relying on classic scams to trick unsuspecting consumers this season, you can take ...
10 months ago Feeds.fortinet.com
Tax Season Alert: Common scams and cracked software - OpenText is committed to providing you with the latest intelligence and tips to safeguard your digital life, especially during high-risk periods like tax season. Our threat analysts are constantly monitor the ebb and flow of various threats. One ...
8 months ago Webroot.com
Insights into your unpatched vulnerabilities - Every day, nearly 70 brand-new vulnerabilities are discovered in software products around the world. In the 100 most prevalent unpatched vulnerabilities, the majority are found in software by Adobe, Zoom, and Mozilla. One critical vulnerability was ...
10 months ago Malwarebytes.com
Is Your Online Store Hacked in a Carding Attack? - Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using carding attacks as we gear up for the holiday season shopping. Online companies selling products or services are struggling with the growing ...
11 months ago Cybersecuritynews.com
BlackCat Strikes Back: Ransomware Gang "Unseizes" Website, Vows No Limits on Targets - The BlackCat ransomware group, also known as Alphv, has started taking action in response to the recently announced law enforcement operation that involved website seizures and the release of a decryption tool. BlackCat's Tor-based leak website ...
10 months ago Securityweek.com
Cybercriminals Hesitant About Using Generative AI - Cybercriminals are so far reluctant to use generative AI to launch attacks, according to new research by Sophos. Examining four prominent dark-web forums for discussions related to large language models, the firm found that threat actors showed ...
11 months ago Infosecurity-magazine.com
Abnormal Security Shares Examples of Attacks Using Generative AI - Abnormal Security has published examples of cyberattacks that illustrate how cybercriminals are beginning to leverage generative artificial intelligence to launch cyberattacks. In one example, a cybercriminal posed as a customer service ...
10 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)