"MOVEit Maker Warns of New Critical Bug Affecting Thousands"

Progress Software, the maker of the MOVEit Transfer tool that hackers exploited to compromise thousands of businesses, has announced that its WS_FTP Server software requires a patch for a critical flaw. The company recently disclosed vulnerabilities impacting the interface and Ad Hoc Transfer module of the WS_FTP Server secure file transfer software. Progress Software's advisory notes that attackers could exploit a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system. One of the ways attackers could exploit the flaw is through a Remote Code Execution (RCE) attack, with threat actors commanding the operation of another person's or business's device. Progress says thousands of Information Technology (IT) teams rely on WS_FTP. Cybernews researchers examined Internet of Things (IoT) search engines and found that over 6,000 servers are running the WS_FTP Server. This article continues to discuss the new critical vulnerability announced by Progress Software.

Cybernews reports "MOVEit Maker Warns of New Critical Bug Affecting Thousands"

Submitted by grigby1