Researchers at Rapid7 have reported a “possible mass exploitation” of vulnerabilities in Progress Software’s WS_FTP Server (a program that enables the upload and download files to and from a server).
Rapid7 reported that from September 30, it has observed “multiple instances of WS_FTP exploitation in the wild”.
With secure file transfer technologies continuing to be popular targets for attackers, the advice is to update/upgrade to a patched version of WS_FTP Server such as 8.8.2.
Also, those using the Ad Hoc Transfer module in WS_FTP Server who can’t update to a fixed version are advised to consider disabling or removing the module.
They are always on hand to help, especially outside of normal working hours to help lessen the disruption to our users.
- Ian Walters -