all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks

Add to bookmarks
April 20, 2023, 11:22 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data.
The high-severity flaw, tracked as CVE-2023-0669 (CVSS score: 7.2), concerns a case of pre-authenticated command injection that could be abused to achieve code execution. The

attacks case cobalt cobalt strike code code execution command command injection cve cve-2023-0669 cvss data exploit exploitation flaw fortra goanywhere goanywhere mft high injection mft ransomware ransomware attacks rce remote code remote code execution score sensitive data severity shed steal strike the company tool under vulnerability zero-day zero-day exploit

Visit resource

More from thehackernews.com / The Hacker News

A SaaS Security Challenge: Getting Permissions All in One Place 2 hours ago | thehackernews.com
access all in apps base +16
New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data 2 hours ago | thehackernews.com
academics advanced advanced encryption aes +30
The Fundamentals of Cloud Security Stress Testing 5 hours ago | thehackernews.com
assets attackers cloud cloud security +17
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version 5 hours ago | thehackernews.com
aim analysis anti-analysis bypass +19
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites 9 hours ago | thehackernews.com
accounts actively exploited admin bogus +25
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator 1 day ago | thehackernews.com
addition administrator agency crime +17
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data 1 day, 3 hours ago | thehackernews.com
academia access activists apt42 +32
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion 1 day, 3 hours ago | thehackernews.com
attack back china china-linked hackers +16
New Case Study: The Malicious Comment 1 day, 6 hours ago | thehackernews.com
case code comments discover +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior PAM Security Engineer

@ Experian | Hyderabad, India
View on infosec-jobs.com

Cybersecurity Analyst II

@ Spry Methods | Washington, DC (Hybrid)
View on infosec-jobs.com

Cyber Security Engineer

@ Expleo | Gothenburg, AC, Sweden
View on infosec-jobs.com

Cybersecurity – Information System Security Manager (ISSM)

@ Boeing | USA - Albuquerque, NM
View on infosec-jobs.com

Senior Security Engineer - Canada

@ DataVisor | Ontario, Canada - Remote
View on infosec-jobs.com

Cybersecurity Architect

@ HARMAN International | JP Tokyo 3-5-7 Ariake Koto-ku
View on infosec-jobs.com
View more jobs