Secure File Sharing tools allow employees to collaborate with third parties by sharing files and information in secure ways. 🤝
Accellion content firewalls are a leading solution in this space. 🔒
A cybercrime group called UNC2546 has found and exploited since mid-December 4 vulnerabilities to steal data that they threaten to make public if not paid a ransom: 💰
🦠. CVE-2021-27101 - SQL injection via a crafted Host header
🦠. CVE-2021-27102 - OS command execution via a local web service call
🦠. CVE-2021-27103 - SSRF via a crafted POST request
🦠. CVE-2021-27104 - OS command execution via a crafted POST request
Accellion has issued patches to fix all of them in their File Transfer Appliance.🛡 Still, before that, 25 customers seem to have suffered significant data theft, according to Ravie Lakshmanan in his article for The Hacker News. 🤓
In your opinion securing need-to-be-shared information is more a matter of policies and procedures or tools? 🤔
Links: LinkedIn post and comments: https://www.linkedin.com/posts/juanjomartinezpagan_cybersecurity-informationsecurity-datalossprevention-activity-6772411087879979009-hscX
Ravie Lakshmanan's article: https://thehackernews.com/2021/02/hackers-exploit-accellion-zero-days-in.html
Comments