file transfer

Security | Dec 10, 2024

Cleo file transfer software being exploited at scale as patch fails

Attackers are not just exfiltrating files but establishing persistence on endpoints and have been “observed enumerating potential Active Directory assets with domain reconnaissance tools"

Security | Jun 11, 2024

“Trivially exploitable” bug in SolarWinds file server needs prompt fixing

“CVE-2024-28995 is not known to be exploited in the wild as of 9 AM ET on June 11. We expect this to change."

Security | Oct 03, 2023

Progress Software blasts “irresponsible” POC disclosure for CVSS 10 bug amid attacks

A fair gripe, or shooting the messenger?

| Security | Oct 02, 2023

File transfer software again under attack – CVSS 10 bug exploitable with a single HTTPS POST request

Progress software file transfer WS_FTP vulnerability CVE-2023-40044 exploit

Some 2,900 exposed. It's Progress, but it's not progress...

| MOVEit | Jul 07, 2023

Fuzzy Thinking: Yet more critical SQL Injection bugs in MOVEIt Transfer

You're tired? Everyone's tired. Just patch promptly please.

Security | Jul 03, 2023

Malvertising: Threat actors are duping downloaders using... Google Ads and SEO

Threat actors are using SEO to trick users into downloading ransomware.

Security | Feb 22, 2023

IBM high speed file transfer software exploited by hackers

A pre-auth RCE in IBM Aspera Faspex is being exploited in the wild

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();