December 2, 2023

The Clop ransomware group claims that it has stolen sensitive data from over 130 organizations by exploiting Fortra’s GoAnywhere MFT secure file transfer tool tracked as CVE-2023-0669.

Fortra advisory says the zero-day is a remote code injection issue that impacts GoAnywhere MFT. The vulnerability can only be exploited by attackers with access to the administrative console of the application.

Advertisements

If the consoles are not exposed to the internet, then it’s considered safe. Fortra recommends GoAnywhere MFT customers to review all administrative users and monitor for unrecognized usernames, especially those created by the system.

Fortra addressed the flaw with the release of the emergency security patch and urged customers to install it.

Threat actors from Clop told BleepingComputer that they were able to compromise over 130 organizations in just ten days, but did not share details regarding their claims and claimed full compromise of victims network but didn’t deployed any ransomware.

Advertisements

Several security researchers have already released exploits for the CVE-2023-0669 vulnerability.

CISA also added the GoAnywhere MFT flaw to its  Known Exploited Vulnerabilities Catalog, ordering federal agencies to address it by March 3, 2023.

Tags:

Leave a Reply

You may have missed

CISA KEV Update Part I – December 2023

December 1, 2023

Dollar Tree Affected by a Third Party Breach

December 1, 2023

Apple Patches iOS zerodays – CVE-2023-42916 and CVE-2023-42917

December 1, 2023

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023

BlueVoyant Acquires Conquest Cyber

November 30, 2023

Google Fixes Sixth Chrome ZeroDay of 2023

November 29, 2023
%d bloggers like this: