August 30, 2024 at 07:24AM Fortra announced patches for critical vulnerabilities in FileCatalyst Workflow, including a flaw involving leaked credentials (CVE-2024-6633) and a high-severity SQL injection issue (CVE-2024-6632). These vulnerabilities could grant an attacker remote access and perform dangerous operations. The company advises customers to update to FileCatalyst Workflow version 5.1.7 build 156 to mitigate … Read more
August 28, 2024 at 01:06PM Fortra has issued a warning about a serious hardcoded password vulnerability in FileCatalyst Workflow. This flaw has the potential to enable unauthorized access to an internal database, leading to data theft and the acquisition of administrator privileges. Based on the meeting notes, it seems that Fortra is alerting about a … Read more
August 28, 2024 at 12:51PM Fortra has patched a critical security flaw in FileCatalyst Workflow (CVE-2024-6633) that could give remote attackers admin access via HSQL database. Tenable discovered flaws, one allowing SQL injection (CVE-2024-6632). Responsible disclosure led to patch release in version 5.1.7, fixing both vulnerabilities. Follow us on Twitter and LinkedIn for more exclusive … Read more
July 4, 2024 at 04:36AM Europol led Operation Morpheus to tackle nearly 600 illegal IP addresses associated with Cobalt Strike. The disruptive action targeted criminal activity, involving partners in 27 countries. Notable support was provided by private sector partners and Europol’s Malware Information Sharing Platform. The operation sent a strong message to cybercriminals globally. However, … Read more
June 28, 2024 at 07:12AM Fortra released patches for a critical SQL injection vulnerability (CVE-2024-5276, CVSS 9.8) in FileCatalyst Workflow version 5.1.6 Build 135 and earlier. This flaw could create administrative user accounts and modify application data. Tenable identified the issue and published PoC code for exploiting it. Fortra addressed the vulnerability in version 5.1.6 … Read more
March 18, 2024 at 10:09AM Fortra disclosed a critical security flaw in its FileCatalyst solution allowing unauthenticated attackers to achieve remote code execution by bypassing restrictions on file uploads. Tracked as CVE-2024-25153, the flaw received a CVSS score of 9.8 and was patched in FileCatalyst Workflow version 5.1.6 Build 114. Other vulnerabilities, CVE-2024-25154 and CVE-2024-25155, … Read more
March 18, 2024 at 06:45AM The PoC code is available for a critical vulnerability (CVE-2024-25153, CVSS score 9.8) in Fortra FileCatalyst Workflow. Attackers can execute arbitrary code through a directory traversal bug in the ‘ftpservlet’ component, potentially leading to web shell execution. SOCRadar warns of threat actor exploitation and advises prompt system updates. Additional details … Read more
February 27, 2024 at 02:23PM The Phishing as a Service (PhaaS) platform ‘LabHost’ has become a major concern, aiding cybercriminals in targeting North American banks, particularly Canadian institutions. LabHost offers customizable phishing kits, infrastructure, and a real-time phishing management tool for a monthly fee. Their new SMS spamming tool, ‘LabSend,’ further extends their reach in … Read more
January 24, 2024 at 03:05PM A new proof-of-concept exploit is available for a critical authentication bypass vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere Managed File Transfer software. This flaw affects a large percentage of systems and allows unauthenticated remote attackers to create new accounts with admin privileges. The release of this exploit is likely to lead to … Read more
January 24, 2024 at 10:07AM Security experts have rapidly published working exploits for a critical vulnerability in Fortra GoAnywhere MFT, exposing a serious authentication bypass issue initially disclosed by Fortra in December. Researchers from Horizon3 developed an exploit targeting a vulnerable endpoint, exposing the system to unauthorized admin user creation. Fortra advises upgrading to version … Read more