A security firm has linked the recent exploit of a zero-day vulnerability in the GoAnywhere managed file transfer (MFT) software to a well-known cybercriminal organization that most likely attempted to use the flaw in a ransomware attack.
Fortra informed GoAnywhere MFT users of a zero-day remote code injection vulnerability on February 1. Users have been advised to urgently install the patch, especially if they are operating an admin portal that is accessible via the internet. There appear to be more than 1,000 GoAnywhere instances available online.
At least some of the exposed instances are connected to the product’s web client interface, which is unaffected, and the vendor claims that exploitation requires access to the application’s admin console.
Read More: GoAnywhere MFT Zero-Day Exploitation Linked to Ransomware Attacks
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.