Accellion to retire enterprise file-sharing product targeted in recent attacks
2021-02-12 14:13

U.S.-based cloud solutions company Accellion will soon retire FTA, its legacy enterprise file-sharing solution, vulnerabilities in which have recently been exploited by attackers to breach a variety of organizations, including the Australian Securities and Investments Commission, the Washington State Auditor Office, and Singapore telecom Singtel.

Accellion FTA is a file-sharing product that allows organizations to "transfer large and sensitive files securely using a 100% private cloud, on-premise or hosted."

Accellion said in early January that it was made aware of a zero-day vulnerability in its FTA software in mid-December, and that it "resolved the vulnerability and released a patch within 72 hours to the less than 50 customers affected."

Various organizations have been breached through bugs in Accellion FTA. Since mid-December, several organizations have confirmed that attackers exploited vulnerabilities in FTA to get their hands on sensitive files that each organization had shared through it.

"After Accellion first informed us of the vulnerability on 23 December, we had in a timely manner, made a series of patches they provided to plug the vulnerability - the first patch was applied on 24 December and the second and last patch was applied on 27 December. There were no patches issued by Accellion since," the company explained.

"On 23 January, Accellion issued another advisory citing a new vulnerability which the 27 December patch was not effective against and we immediately took the system offline. On 30 January, Accellion provided another patch for the new vulnerability which triggered an anomaly alert when we tried to apply it. Accellion informed thereafter that our system could have been breached and this had likely occurred on 20 January. We continued to keep the system offline and activated cyber and criminal investigations which has confirmed the 20 January date. Given the complexity of the investigations, it was only confirmed on 9 February that files were taken."


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/G_Swyo6vlG4/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Accellion 7 0 22 16 4 42