Security Stop Press : Mass WS_FTP Exploitation Warning

Researchers at Rapid7 have reported a “possible mass exploitation” of vulnerabilities in Progress Software’s WS_FTP Server (a program that enables the upload and download files to and from a server).

Rapid7 reported that from September 30, it has observed “multiple instances of WS_FTP exploitation in the wild”.

With secure file transfer technologies continuing to be popular targets for attackers, the advice is to update/upgrade to a patched version of WS_FTP Server such as 8.8.2.

Also, those using the Ad Hoc Transfer module in WS_FTP Server who can’t update to a fixed version are advised to consider disabling or removing the module.