Security News > 2023 > October > Ransomware attacks now target unpatched WS_FTP servers
Internet-exposed WS FTP servers unpatched against a maximum severity vulnerability are now targeted in ransomware attacks.
"The ransomware actors didn't wait long to abuse the recently reported vulnerability in WS FTP Server software," Sophos X-Ops said.
"Even though Progress Software released a fix for this vulnerability in September 2023, not all of the servers have been patched. Sophos X-Ops observed unsuccessful attempts to deploy ransomware through the unpatched services."
The low ransom demand hints at Internet-exposed and vulnerable WS FTP servers likely being targeted in mass automated attacks or by an inexperienced ransomware operation.
Organizations that cannot immediately patch their servers can block incoming attacks by disabling the vulnerable WS FTP Server Ad Hoc Transfer Module.
Exploit available for critical WS FTP bug exploited in attacks.
News URL
Related news
- Ransomware on ESXi: The mechanization of virtualized attacks (source)
- OneBlood confirms personal data stolen in July ransomware attack (source)
- Over 660,000 Rsync servers exposed to code execution attacks (source)
- Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M (source)
- Medusa ransomware group claims attack on UK's Gateshead Council (source)
- Ransomware attack forces Brit high school to shut doors (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Security pros more confident about fending off ransomware, despite being battered by attacks (source)
- Only 13% of organizations fully recover data after a ransomware attack (source)
- Ransomware attack at New York blood services provider – donors turned away during shortage crisis (source)