Many organizations continue to be vulnerable to a zero-day flaw in Fortra's GoAnywhere Managed File Transfer system, tracked as CVE-2023-0669, despite widespread exploitation by the Clop ransomware gang since February, reports The Record, a news site by cybersecurity firm Recorded Future.
Despite a 46% drop in exposed GoAnywhere admin panels since the emergence of a patch, such panels remained in 179 hosts more than two months after the zero-day vulnerability's disclosure, 30% of which continued to be unpatched, a report from Censys revealed.
"A single vulnerable instance has the potential to serve as a gateway to a data breach that could potentially impact millions of individuals," said Censys security researcher Himaja Motheram.
ALPHV/BlackCat ransomware has also been reported by security firm At-Bay to have leveraged the vulnerability to compromise an unnamed U.S.-based firm in February.
"Executing a ransomware attack by targeting the GoAnywhere MFT vulnerability is extremely easy with the exfiltration of data near certain, and the fast delivery of the payload also guaranteed," said At-Bay.
Vulnerabilities impacting cloud analytics and business intelligence software Qlik Sense have been exploited to facilitate the deployment of CACTUS ransomware in a new campaign, The Hacker News reports.
Staples cyberattack disrupts online orders BleepingComputer reports that outages at American office supply retail chain that disrupted online orders were confirmed to have been caused by a cyberattack.
Cyber Resilience in the Ransomware and Wiper Era New Strategies for CISOs to Protect
The changing face of ransomware, and how to respond
Unveiling the Hidden Threat: Hybrid Attackers Leveraging Identities to Execute Ransomware
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news