Security researchers with Rapid7 have disclosed threat actors are exploiting a critical vulnerability in an IBM file-exchange application to install ransomware on servers. The IBM Aspera Faspex critical vulnerability, tracked at CVE-2022-47986, was patched by IBM in January.
Sylvain Cortes, VP of Strategy at Hackuity had this comment:
“It is unsettling to note that for the same vulnerability (CVE-2022-47986) many cyber security companies have their own information that remains fragmented. It is important to be able to unify this information from several vendors in order to maximize its defense operations and trigger the right response. Solutions that aggregate vulnerability-related data from vulnerability scanners, EDRs or even service practices provide organizations with the critical visibility they depend on.”
This reminds me of the GoAnywhere file transfer solution vulnerability that has led to multiple organizations being pwned by the Cl0p ransomware group. Except that we haven’t seen threat exploit this to the same degree that Cl0p has. If you use IBM Aspera, you should be applying these patches ASAP, assuming you haven’t already so this doesn’t turn into another GoAnywhere situation.
Like this:
Like Loading...
Related
This entry was posted on March 29, 2023 at 10:47 am and is filed under Commentary with tags IBM. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Rapid7 Says That An IBM Aspera Vulnerability Has Been Used To Install Ransomware
Security researchers with Rapid7 have disclosed threat actors are exploiting a critical vulnerability in an IBM file-exchange application to install ransomware on servers. The IBM Aspera Faspex critical vulnerability, tracked at CVE-2022-47986, was patched by IBM in January.
Sylvain Cortes, VP of Strategy at Hackuity had this comment:
“It is unsettling to note that for the same vulnerability (CVE-2022-47986) many cyber security companies have their own information that remains fragmented. It is important to be able to unify this information from several vendors in order to maximize its defense operations and trigger the right response. Solutions that aggregate vulnerability-related data from vulnerability scanners, EDRs or even service practices provide organizations with the critical visibility they depend on.”
This reminds me of the GoAnywhere file transfer solution vulnerability that has led to multiple organizations being pwned by the Cl0p ransomware group. Except that we haven’t seen threat exploit this to the same degree that Cl0p has. If you use IBM Aspera, you should be applying these patches ASAP, assuming you haven’t already so this doesn’t turn into another GoAnywhere situation.
Share this:
Like this:
Related
This entry was posted on March 29, 2023 at 10:47 am and is filed under Commentary with tags IBM. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.