Friday, July 23, 2021

Cybersecurity Firm Qualys Confirms Unauthorized Access to Data Using Accellion hacks

Must Read

Open University Targeted Using More than a Million Malicious Email Saved Up This Year

The UK's Open University was targeted with more than 1 million malicious email attacks from January to September this...

Supply chain attacks are on the rise: NCSC warns

Addressing big business and government agencies, the UK's National Cyber ​​Security Center (NCSC) has issued a warning that attacks...

New Law to Track Down on Fraudulent Foreign Firms Listed in the US

The House of Representatives has passed a new bill designed to stop fraudulent overseas firms listed on US stock...

Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance (FTA) server were exploited to steal sensitive business documents.

Qualys has revealed that a “limited” number of customers may have been impacted by a data breach connected to an Accellion zero-day vulnerability.

Founded in 1999, the California-based firm serves more than 10,000 customers in over 130 countries around the world, including many of the Forbes Global 100 companies.

The cloud security and compliance firm said on Wednesday that the security incident did not have any “operational impact,” but “unauthorized access” had been obtained to an Accellion FTA server used by the company. 

Hours after the Clop ransomware gang published data allegedly stolen from information security and compliance solutions provider Qualys, the company has confirmed being impacted by the recent cyberattack involving Accellion’s FTA product.

As proof of access to the data, the cybercriminals behind the recent hacks targeting Accellion FTA servers have shared screenshots of files belonging to the company’s customers on a publicly accessible data leak website operated by the CLOP ransomware gang.

In December, a wave of attacks targeted the Accellion FTA file-sharing application using a zero-day vulnerability that allowed attackers to steal files stored on the server.

Accellion File Transfer Appliance (FTA) is enterprise-grade software used for file transfers. In December 2020, FireEye’s Mandiant discovered that the Clop ransomware group was exploiting previously-unknown vulnerabilities in the legacy software to extort organizations, threatening to leak sensitive data stolen from vulnerable servers unless a ransom was paid. 

It is still unclear if the Clop ransomware gang performed the attacks on Accellion FTA devices or is partnering with another group to share the files and extort victims publicly.

Accellion says it has worked “around the clock to develop and release patches that resolve each identified FTA vulnerability and support our customers affected by this incident.”

“We immediately notified the limited number of customers impacted by this unauthorized access,” Qualys says, without providing additional information on the compromised data or the number of affected customers.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.


Please enter your comment!
Please enter your name here

Latest News

OAIC: Uber found to have interfered with the privacy of over 1.2 million Australians

The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered...

Over 80 US Municipalities data are exposed due to Misconfigured Amazon S3

A team of Cybersecurity researchers at Wizcase found major data exposure of Over 80 US Municipalities due to the Misconfigured Amazon S3 Bucket. This happened...

Formbook malware Upgraded as an XLoader malware to Attack macOS Systems

Researchers have spotted an upgraded malware variant of Formbook malware which is now Upgraded as an XLoader malware to Attack macOS Systems. Cybersecurity researchers on...

Millions of HP, Samsung, Xerox Printers are Vulnerable to 16 year old bug

A 16-year-old security vulnerability affects Millions of HP, Samsung, Xerox Printers Driver allows attackers to gain admin rights on systems using the vulnerable driver...

MosaicLoader malware targets cracked software via SEO poisoning

New MosaicLoader malware targets users that are searching to download cracked software. Cybercriminals run ad campaigns in search engine results to boost their malicious...

More Articles Like This