A new round of software attacks has raised another red flag concerning supply-chain security and the prevalence of third-party supply-chain targeting. Cybercriminals exploited four zero-day vulnerabilities in Accellion’s File Transfer Appliance (FTA) software, which was nearing End-of-Life (EoL) status, to access Accellion customers’ data. The attacks allegedly began in December 2020, and in the following two months victims received ransom notes from the cybercriminals who operate the “Clop” ransomware. The notes stated that the victims’ data would be exposed unless payments were made. These attacks mark a technical advancement for cybercriminal groups: Supply-chain attacks and exploitation of zero-day vulnerabilities are common, but are more typically the work of state-sponsored groups.
Four zero-day vulnerabilities in Microsoft Exchange Servers have been linked to more than 30,000 cyber atta...
Most Recent Flipbooks
Main story: Rogue ex-developer leaks LockBit 3.0 builder
Main story: Uber compromised by Lapsus$'s resurgence
Main story: Cyber attacks shock the Italian energy sector
Main story: Back to school for students and ransomware groups
Main story: LastPass suffers source code data breach
Main story: LockBit under DDoS attack: Entrust strikes back?
Main Story: Cisco defies extortion attempts after network breach
Main story: Cybercriminals scramble for new hiding places after 911 proxy service folds
Main story: Free-to-use Redeemer opens doors for ransomware enthusiasts
Main story: LockBit launches new version, welcomes bug hunters
Main story: Attackers seize Microsoft zero-day for malware dissemination, espionage