Qualys Gets Clopped by Accellion-Exploiting Attackers bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Let’s move off this platform as soon as possible.
In the case of Accellion s FTA, reverse engineering enabled attackers to drop a web shell - a script that enables remote execution of commands - onto any server running the FTA software, according to FireEye s Mandiant incident response group, which Accellion hired to investigate. The web shell allowed attackers to bypass authentication, remotely execute code on the vulnerable systems and steal data. In at least some cases, stolen data ended up in the hands of the Clop ransomware gang, which has been offering to sell it or to remove it if victims pay a ransom (see:
Accellion Attack Involved Extensive Reverse Engineering govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.
NSW Government ‘Retires’ Accellion File Transfer System Amid International Cyber Breach
The NSW government has blocked access to an international file transfer company after servers at the state’s health and transport department were among those in major organisations hacked by international cybercriminals.
The move comes as the personal information of at least 104,000 people, including NSW staff accounts, were compromised in a phishing attack that occurred in April 2020, according to a NSW Inquiry into Cybersecurity (pdf).
Cyber Security NSW was first made aware of vulnerabilities to the Accellion File Transfer Appliance (FTA) in January and established “Strike Force Martine” with NSW police to investigate the impacts on the breach.