Top file-sharing tools are being hit by security attacks once again

A bug allowing data exfiltration in top file-sharing tools is being abused in the wild, experts warn.

  • Security researchers at Huntress uncover flaw in LexiCom, VLTransfer, and Harmony tools
  • The flaw was patched more than a month ago, but the patch did not work
  • Now hackers are abusing the bug, possibly to steal data

Multiple managed file transfer tools from the same developer are being abused to launch attacks and possibly steal data, experts have warned, with dozens of organizations already targeted.

Cybersecurity researchers at Huntress have claimed LexiCom, VLTransfer, and Harmony were all vulnerable to CVE-2024-50623, an unrestricted file upload and download vulnerability that could lead to remote code execution.

All three tools were built by the same company, Cleo, which published a patch for the bug in late October 2024. However, Huntress claims that the patch doesn’t work well and doesn’t protect users from threat actors.

Post-exploitation activity

In fact, Huntress, which says its tools protect more than 1,700 Cleo users, claims it spotted at least 24 compromised businesses.

“Victim organizations so far have included various consumer product companies, logistics and shipping organizations, and food suppliers,” Huntress said in its writeup, adding that countless other companies are at risk.

TechCrunch added that Shodan shows “hundreds” of vulnerable Cleo servers, mostly in the United States. The company has more than 4,000 clients, including a number of large enterprises.

The attackers have not yet been identified, and Huntress is not conclusively saying if they stole any information from these organizations. However, the researchers did say that the threat actors were running “post-exploitation” activity, which could hint that files were, indeed, stolen.

Cleo acknowledged the flaw, and confirmed the team was working on a further fix, but until that is released, users should put the tools behind a firewall, just to be on the safe side.

Security issues in managed file transfer (MFT) solutions started grabbing headlines in 2023, when the Russian ransomware group Cl0p found a hole in MOVEit and used it to exfiltrate data from thousands of organizations around the world.

Via TechCrunch
