March 31, 2023

The Clop ransomware group claims that it has stolen sensitive data from over 130 organizations by exploiting Fortra’s GoAnywhere MFT secure file transfer tool tracked as CVE-2023-0669.

Fortra advisory says the zero-day is a remote code injection issue that impacts GoAnywhere MFT. The vulnerability can only be exploited by attackers with access to the administrative console of the application.

Advertisements

If the consoles are not exposed to the internet, then it’s considered safe. Fortra recommends GoAnywhere MFT customers to review all administrative users and monitor for unrecognized usernames, especially those created by the system.

Fortra addressed the flaw with the release of the emergency security patch and urged customers to install it.

Threat actors from Clop told BleepingComputer that they were able to compromise over 130 organizations in just ten days, but did not share details regarding their claims and claimed full compromise of victims network but didn’t deployed any ransomware.

Advertisements

Several security researchers have already released exploits for the CVE-2023-0669 vulnerability.

CISA also added the GoAnywhere MFT flaw to its  Known Exploited Vulnerabilities Catalog, ordering federal agencies to address it by March 3, 2023.

Tags:

Leave a Reply

You may have missed

Microsoft Patches BingBang Cloud Vulnerability Exposing O365 Data

Microsoft Patches BingBang Cloud Vulnerability Exposing O365 Data

March 30, 2023
Microsoft Defender Reports Zoom and Google as malicious

Microsoft Defender Reports Zoom and Google as malicious

March 30, 2023
Cisco Acquiring Lightspin

Cisco Acquiring Lightspin

March 30, 2023
APT-43 Elite North Korean Group

APT-43 Elite North Korean Group

March 29, 2023
Microsoft AI Security Copilot

Microsoft AI Security Copilot

March 29, 2023
Apple Backports ZeroDay Patches for older devices

Apple Backports ZeroDay Patches for older devices

March 28, 2023
%d bloggers like this: