Researchers at Rapid7 have reported a “possible mass exploitation” of vulnerabilities in Progress Software’s WS_FTP Server (a program that enables the upload and download files to and from a server).
Rapid7 reported that from September 30, it has observed “multiple instances of WS_FTP exploitation in the wild”.
With secure file transfer technologies continuing to be popular targets for attackers, the advice is to update/upgrade to a patched version of WS_FTP Server such as 8.8.2.
Also, those using the Ad Hoc Transfer module in WS_FTP Server who can’t update to a fixed version are advised to consider disabling or removing the module.
