Authentication bypass in Fortra’s GoAnywhere MFT before 7.4.1 allows an unauthorized user to create an admin user via the administration portal,” Fortra said in an advisory released on January 22, 2024.
Cyware News – Latest Cyber News – Read More
Post Content
darkreading – Read More
Aleksandr Ermakov, alongside other members of the REvil ransomware gang, are responsible for one of the biggest cyberattacks in Australia’s history.
darkreading – Read More
A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software that could be abused to create a new administrator user.
Tracked as CVE-2024-0204, the issue carries a CVSS score of 9.8 out of 10.
“Authentication bypass in Fortra’s GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal,” Fortra&
The Hacker News – Read More
The new bug is Apple’s 12th WebKit zero-day in the last year, highlighting the increasing enterprise exposure to browser-borne threats.
darkreading – Read More
VexTrio is a traffic direction system (TDS) with more than 60 affiliates feeding an unknown number of malicious campaigns.
The post Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire appeared first on SecurityWeek.
SecurityWeek – Read More
The malware substitutes genuine apps with compromised versions, enabling attackers to pilfer credentials and recovery phrases, thus gaining access to wallets and their contents.
darkreading – Read More
The foot-long sandwich purveyor is looking into LockBit 3.0 claims that it stole reams of data from the proprietary “SBS” network.
darkreading – Read More
Crypto hackers gained control of a phone number associated with the government agency’s account after MFA was disabled in July.
darkreading – Read More