Security News > 2023 > October > Ransomware attacks now target unpatched WS_FTP servers
Internet-exposed WS FTP servers unpatched against a maximum severity vulnerability are now targeted in ransomware attacks.
"The ransomware actors didn't wait long to abuse the recently reported vulnerability in WS FTP Server software," Sophos X-Ops said.
"Even though Progress Software released a fix for this vulnerability in September 2023, not all of the servers have been patched. Sophos X-Ops observed unsuccessful attempts to deploy ransomware through the unpatched services."
The low ransom demand hints at Internet-exposed and vulnerable WS FTP servers likely being targeted in mass automated attacks or by an inexperienced ransomware operation.
Organizations that cannot immediately patch their servers can block incoming attacks by disabling the vulnerable WS FTP Server Ad Hoc Transfer Module.
Exploit available for critical WS FTP bug exploited in attacks.
News URL
Related news
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)
- Five backup lessons learned from the UnitedHealth ransomware attack (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- SafePay ransomware gang claims Microlise attack that disrupted prison van tracking (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- Starbucks, grocery stores impacted by Blue Yonder ransomware attack (source)
- New NachoVPN attack uses rogue VPN servers to install malicious updates (source)
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)