September 21, 2023

Recently two organizations have reported that they have experienced cybersecurity incidents caused by a zero-day vulnerability (CVE-2023-0699) in Fortra’s GoAnywhere MFT secure file sharing software.

The latest case was March 2, when fintech Hatch Bank reported that threat actors stole the personal data of nearly 140,000 customers from the GoAnywhere platform.

Last month, an SEC filing disclosed that 1 million patients tied to Community Health Systems in Tennessee were among 130 organizations compromised by the Clop ransomware group.

Advertisements

It’s a nightmare for any software vendor to discover a zero-day vulnerability being exploited in the wild. This nightmare gets compounded when the software is a security-oriented tool. This zero-day exploit also needs an exposed administrative console to work. It’s an interesting case,

The vulnerability is listed in the OWASP top 10 and should have been caught by a secure software development process. Rather than focusing on specific vulnerabilities, security teams should enable MFA wherever possible, but especially for privileged accounts; disable or limit any open administrative console access by any means possible; and monitor security controls for any anomalous user behavior, especially administrative accounts.

Any company using the Fortra GoAnywhere software to patch right away and be sure not to expose the admin console to the public internet.

Tags:

Leave a Reply

You may have missed

Atlassian BitBucket and Confluence Vulnerabilities

September 21, 2023

Snatch ransomware Dissection

September 21, 2023

Fortinet Fixes Vulnerabilities in FortiOS

September 20, 2023

Trend Micro Endpoint Vulnerability – CVE-2023-41179

September 20, 2023

GitLab Addresses Critical Vulnerability -CVE-2023-4998

September 20, 2023

Crowdstrike New Offerings and Bionic.ai Acquisition

September 20, 2023
%d bloggers like this: