"Security Researchers Believe Mass Exploitation Attempts Against WS_FTP Have Begun"
Researchers suspect the mass exploitation of vulnerabilities in Progress Software's WS_FTP Server. Researchers at Rapid7 first observed evidence of exploitation across multiple instances of WS_FTP on September 30. Progress recently released fixes for eight vulnerabilities in WS_FTP, including one with a CVSS severity rating of 10. The company said that there was no evidence of exploitation at the time. Researchers did not specify which vulnerabilities were being exploited, but it appeared that "one or more" of the eight vulnerabilities detailed in Progress' advisory were being targeted. According to Caitlin Condon, senior manager of vulnerability research at Rapid7, the attacks started on the evening of September 30, and Rapid7 received alerts from multiple customer environments of attempted attacks within minutes of each other. After analyzing the exploit chain, researchers concluded that the process appeared uniform across all the incidents they were notified of, which could indicate mass exploitation. This article continues to discuss the suspected mass exploitation attempts against WS_FTP.
Submitted by grigby1