Buscar
  • juanjomartinez56

Secure File Sharing tool have been hacked

Actualizado: mar 3

Secure File Sharing tools allow employees to collaborate with third parties by sharing files and information in secure ways. ūü§Ě


Accellion content firewalls are a leading solution in this space. ūüĒí


A cybercrime group called UNC2546 has found and exploited since mid-December 4 vulnerabilities to steal data that they threaten to make public if not paid a ransom: ūüíį


ūü¶†. CVE-2021-27101 - SQL injection via a crafted Host header

ūü¶†. CVE-2021-27102 - OS command execution via a local web service call

ūü¶†. CVE-2021-27103 - SSRF via a crafted POST request

ūü¶†. CVE-2021-27104 - OS command execution via a crafted POST request


Accellion has issued patches to fix all of them in their File Transfer Appliance.ūüõ° Still, before that, 25 customers seem to have suffered significant data theft, according to Ravie Lakshmanan in his article for The Hacker News. ūü§ď


In your opinion securing need-to-be-shared information is more a matter of policies and procedures or tools? ūü§Ē


Links: LinkedIn post and comments: https://www.linkedin.com/posts/juanjomartinezpagan_cybersecurity-informationsecurity-datalossprevention-activity-6772411087879979009-hscX

Ravie Lakshmanan's article: https://thehackernews.com/2021/02/hackers-exploit-accellion-zero-days-in.html



2 vistas0 comentarios

Entradas Recientes

Ver todo