uTalk

thrive

Member

Registered: 2023-01-04

Posts: 2,057

Hackers are actively exploiting a zero-day vulnerability in Fortra's G

A zero-day vulnerability affecting Fortra's GoAnywhere MFT-managed file transfer application is being actively exploited in the wild.
Details of the flaw were first publicly shared by security reporter Brian Krebs on Mastodon. No public advisory has been published by Fortra.
The vulnerability is a case of remote code injection that requires access to the administrative console of the application, making it imperative that the systems are not exposed to the public internet.
According to security researcher Kevin Beaumont, there are over 1,000 on-premise instances that are publicly accessible over the internet, a majority of which are located in the U.S.
"The Fortra advisory Krebs quoted advises GoAnywhere MFT customers to review all administrative users and monitor for unrecognized usernames, especially those created by system," Rapid7 researcher Caitlin Condon said.
"The logical deduction is that Fortra is likely seeing follow-on attacker behavior that includes the creation of new administrative or other users to take over or maintain persistence on vulnerable target systems."
Alternatively, the cybersecurity company said it's possible for threat actors to exploit reused, weak, or default credentials to obtain administrative access to the console.
There is no patch currently available for the zero-day vulnerability, although Fortra has released workarounds to remove the "License Response Servlet" configuration from the web.xml file.

Vulnerabilities in file transfer solutions have become appealing targets for threat actors, what with flaws in Accellion and FileZen weaponized for data theft and extortion.

Cat

Member

Registered: 2023-03-11

Posts: 153

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

has the problem been solved yet?

joanna

Member

Registered: 2023-01-10

Posts: 2,472

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

has the problem been solved yet?

I believe after a vulnerability is figured what the firm does is find a solution to prevent further attacks. It's hard to know if the issue is solved but I just hope the organization won't make the same mistake as KeePass which was attacked twice in a role.

misha220

Member

Registered: 2023-03-23

Posts: 10

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Let's hope that all these problems will be solved by someone. Be careful.

thrive

Member

Registered: 2023-01-04

Posts: 2,057

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Let's hope that all these problems will be solved by someone. Be careful.

Prevention is better than a cure buddy. When preventing something from happening is always good than looking for a solution after the issue has already occurred.
People need to make use of privacy services to prevent vulnerability.

oba

Member

Registered: 2023-01-13

Posts: 1,858

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Let's hope that all these problems will be solved by someone. Be careful.

The problem cant be solved by someone unless all projects started to make use of advanced security features just like the UtopiaP2P ecosystem and also constantly upgrade their platform. Do you guys hear that almost all the funds hacked by hackers on the DeFi project are returned?

IyaJJJ

Member

Registered: 2023-01-25

Posts: 1,605

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Let's hope that all these problems will be solved by someone. Be careful.

The problem cant be solved by someone unless all projects started to make use of advanced security features just like the UtopiaP2P ecosystem and also constantly upgrade their platform. Do you guys hear that almost all the funds hacked by hackers on the DeFi project are returned?

I read a Tweet by CZ Binance that mentioned it but that doesn't justify that all cryptocurrencies projects have to ignore the most important thing which is to secure the investors and their user funds.

level

Member

Registered: 2023-01-19

Posts: 1,343

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Let's hope that all these problems will be solved by someone. Be careful.

The problem cant be solved by someone unless all projects started to make use of advanced security features just like the UtopiaP2P ecosystem and also constantly upgrade their platform. Do you guys hear that almost all the funds hacked by hackers on the DeFi project are returned?

I read a Tweet by CZ Binance that mentioned it but that doesn't justify that all cryptocurrencies projects have to ignore the most important thing which is to secure the investors and their user funds.

You totally have a point and in secure the investors with the inclusion of user funds is the reason why we must not ignore privacy.

KingCRP

Member

Registered: 2023-01-06

Posts: 1,054

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Hackers are every on this lose guys and the internet is very unsafe . Utopia p2p has set the ground running with all of its Utilities but my question is this would Utopia p2p comprise this to go mainstream.

KAMSI_UG

Member

Registered: 2022-12-26

Posts: 2,026

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Hackers are every on this lose guys and the internet is very unsafe . Utopia p2p has set the ground running with all of its Utilities but my question is this would Utopia p2p comprise this to go mainstream.

Using the web proxy from Utopia p2p doesn’t only give you access to sites and application that your location can’t access previously but also I believe it can protect you as well.

thrive

Member

Registered: 2023-01-04

Posts: 2,057

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Hackers are every on this lose guys and the internet is very unsafe . Utopia p2p has set the ground running with all of its Utilities but my question is this would Utopia p2p comprise this to go mainstream.

Nowhere is safe buddy people just need to understand the rules of the game by using the privacy and using strong and unique passwords for all their online accounts and, regularly updating their applications.

IyaJJJ

Member

Registered: 2023-01-25

Posts: 1,605

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Hackers are every on this lose guys and the internet is very unsafe . Utopia p2p has set the ground running with all of its Utilities but my question is this would Utopia p2p comprise this to go mainstream.

Nowhere is safe buddy people just need to understand the rules of the game by using the privacy and using strong and unique passwords for all their online accounts and, regularly updating their applications.

There's also the need of using good anti-virus and firewall software to protect devices from malware or hacker tricks. Also use two-factor authentication (2FA) whenever possible to enhance the security of online accounts.

full

Member

Registered: 2023-01-06

Posts: 1,189

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Hackers are every on this lose guys and the internet is very unsafe . Utopia p2p has set the ground running with all of its Utilities but my question is this would Utopia p2p comprise this to go mainstream.

Using the web proxy from Utopia p2p doesn’t only give you access to sites and application that your location can’t access previously but also I believe it can protect you as well.

Nevertheless, the UtopiaP2P ecosystem never provides privacy alone, it also solves online restriction issue and provides the best earning opportunity.

joanna

Member

Registered: 2023-01-10

Posts: 2,472

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Hackers are every on this lose guys and the internet is very unsafe . Utopia p2p has set the ground running with all of its Utilities but my question is this would Utopia p2p comprise this to go mainstream.

Nowhere is safe buddy people just need to understand the rules of the game by using the privacy and using strong and unique passwords for all their online accounts and, regularly updating their applications.

There's also the need of using good anti-virus and firewall software to protect devices from malware or hacker tricks. Also use two-factor authentication (2FA) whenever possible to enhance the security of online accounts.

Keeping software up to date with the latest security updates and patches.
Don't click on links or download attachments from unknown or suspicious sources.
Be cautious of phishing scams that try to steal your personal information by using phony emails, websites, or social media posts.

level

Member

Registered: 2023-01-19

Posts: 1,343

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Nowhere is safe buddy people just need to understand the rules of the game by using the privacy and using strong and unique passwords for all their online accounts and, regularly updating their applications.

There's also the need of using good anti-virus and firewall software to protect devices from malware or hacker tricks. Also use two-factor authentication (2FA) whenever possible to enhance the security of online accounts.

Keeping software up to date with the latest security updates and patches.
Don't click on links or download attachments from unknown or suspicious sources.
Be cautious of phishing scams that try to steal your personal information by using phony emails, websites, or social media posts.

Be cautious when entering personal or financial information online, especially when using a public Wi-Fi network and always use a virtual private network (VPN) when accessing the Internet from public Wi-Fi or when traveling to protect your online activity from prying eyes. This is why i like the Utopia web proxy.

thrive

Member

Registered: 2023-01-04

Posts: 2,057

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

There's also the need of using good anti-virus and firewall software to protect devices from malware or hacker tricks. Also use two-factor authentication (2FA) whenever possible to enhance the security of online accounts.

Keeping software up to date with the latest security updates and patches.
Don't click on links or download attachments from unknown or suspicious sources.
Be cautious of phishing scams that try to steal your personal information by using phony emails, websites, or social media posts.

Be cautious when entering personal or financial information online, especially when using a public Wi-Fi network and always use a virtual private network (VPN) when accessing the Internet from public Wi-Fi or when traveling to protect your online activity from prying eyes. This is why i like the Utopia web proxy.

Despite all the important information you guys provide which I strongly believe will protect people's privacy and also provide security online. However, maintaining the route every day will be hard due to human error. It is better to rely on UtopiaP2P to provide all this.

joanna

Member

Registered: 2023-01-10

Posts: 2,472

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

There's also the need of using good anti-virus and firewall software to protect devices from malware or hacker tricks. Also use two-factor authentication (2FA) whenever possible to enhance the security of online accounts.

Keeping software up to date with the latest security updates and patches.
Don't click on links or download attachments from unknown or suspicious sources.
Be cautious of phishing scams that try to steal your personal information by using phony emails, websites, or social media posts.

Be cautious when entering personal or financial information online, especially when using a public Wi-Fi network and always use a virtual private network (VPN) when accessing the Internet from public Wi-Fi or when traveling to protect your online activity from prying eyes. This is why i like the Utopia web proxy.

Maintain the privacy of your personal information and do not share it with strangers or unknown websites. Furthermore, be cautious about what you share on social media and limit the amount of personal information you share.
You can help protect your personal information and stay safe while using the internet by following these tips.

full

Member

Registered: 2023-01-06

Posts: 1,189

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Keeping software up to date with the latest security updates and patches.
Don't click on links or download attachments from unknown or suspicious sources.
Be cautious of phishing scams that try to steal your personal information by using phony emails, websites, or social media posts.

Be cautious when entering personal or financial information online, especially when using a public Wi-Fi network and always use a virtual private network (VPN) when accessing the Internet from public Wi-Fi or when traveling to protect your online activity from prying eyes. This is why i like the Utopia web proxy.

Maintain the privacy of your personal information and do not share it with strangers or unknown websites. Furthermore, be cautious about what you share on social media and limit the amount of personal information you share.
You can help protect your personal information and stay safe while using the internet by following these tips.

However, it is still hard to prevent a human error that will eventually lead to vulnerable to attack because human error is a common problem that can lead to unwanted consequences in various online attacks.

IyaJJJ

Member

Registered: 2023-01-25

Posts: 1,605

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Be cautious when entering personal or financial information online, especially when using a public Wi-Fi network and always use a virtual private network (VPN) when accessing the Internet from public Wi-Fi or when traveling to protect your online activity from prying eyes. This is why i like the Utopia web proxy.

Maintain the privacy of your personal information and do not share it with strangers or unknown websites. Furthermore, be cautious about what you share on social media and limit the amount of personal information you share.
You can help protect your personal information and stay safe while using the internet by following these tips.

However, it is still hard to prevent a human error that will eventually lead to vulnerable to attack because human error is a common problem that can lead to unwanted consequences in various online attacks.

It is impossible to completely eliminate human error, there are steps that can be taken to reduce the likelihood of errors occurring though. Use the UtopiaP2P to reduce the potential for human error and help ensure safety and accuracy in various fields.

CrytoCynthia

Member

Registered: 2022-11-19

Posts: 2,404

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

Maintain the privacy of your personal information and do not share it with strangers or unknown websites. Furthermore, be cautious about what you share on social media and limit the amount of personal information you share.
You can help protect your personal information and stay safe while using the internet by following these tips.

However, it is still hard to prevent a human error that will eventually lead to vulnerable to attack because human error is a common problem that can lead to unwanted consequences in various online attacks.

It is impossible to completely eliminate human error, there are steps that can be taken to reduce the likelihood of errors occurring though. Use the UtopiaP2P to reduce the potential for human error and help ensure safety and accuracy in various fields.

Yes I believe so, there are steps to take generally to avoid getting scammed and the biggest way to prevent yourself from being scammed is working on your greed.

IyaJJJ

Member

Registered: 2023-01-25

Posts: 1,605

Re: Hackers are actively exploiting a zero-day vulnerability in Fortra's G

However, it is still hard to prevent a human error that will eventually lead to vulnerable to attack because human error is a common problem that can lead to unwanted consequences in various online attacks.

It is impossible to completely eliminate human error, there are steps that can be taken to reduce the likelihood of errors occurring though. Use the UtopiaP2P to reduce the potential for human error and help ensure safety and accuracy in various fields.

Yes I believe so, there are steps to take generally to avoid getting scammed and the biggest way to prevent yourself from being scammed is working on your greed.

Control of greed can prevent an individual from getting scammed but do you know scams happen in various ways?
But whichever way the scam wants to happen the biggest way to prevent oneself from being scammed is to have the needed awareness or knowledge. If you work on your greed and you're not aware of how the scammer pulls their trick you can still be their victim.