Censys Still Finds Public Admin Panels Vulnerable Months After GoAnywhere MFT Zero-Day Attacks
Censys, a security research company, reported in their recent study that around 180 public admin panels are still vulnerable months after the zero-day attacks on GoAnywhere MFT. Emily Austin and Himaja Motheram, both from Censys, have shared their research findings in a podcast episode hosted by The Cyberwire.
The zero-day vulnerability was discovered in early February of 2023 by Censys researchers on Fortra’s Managed File Transfer software, GoAnywhere MFT. Reports from the Clop ransomware gang surfaced soon after, claiming that they had exploited the vulnerability to gain access to data from 130 organizations. Other ransomware groups have also joined in on the bandwagon, making it essential to address the vulnerability as soon as possible.
Censys warned that even a single vulnerable instance could be used as a gateway for a data breach that could potentially impact millions of individuals. The research highlighted the critical need for organizations to patch their systems’ vulnerabilities continuously. Simple vulnerabilities can be exploited to launch malicious attacks that can result in severe consequences.
According to Censys, the inaction of certain organizations to address the vulnerability has made the public admin panels easy targets for cyber attacks. Censys researchers found more than 180 public admin panels still vulnerable to the zero-day attack despite several alerts and notifications sent concerning the issue.
Censys suggests that public admin panels should consider the use of web application firewalls (WAFs) and the elimination of unsecured protocols. Furthermore, they recommend that organizations implement frequent vulnerability scanning of any systems that may be at risk.
Censys notes that patching vulnerabilities is not always an easy task as some organizations have complex networks and systems, making it even more challenging to tackle when they neglect to implement regular system updates. The lack of urgency in some organizations towards prioritizing data security is alarming, as it puts their stakeholders’ data and reputation at risk.
In conclusion, it is vital for organizations to address vulnerabilities and take the necessary steps to protect sensitive data. Compliance, patching, and monitoring network activities must remain on top of the to-do list. System security must be a priority, and organizations must have clear and well-designed security frameworks, including contingencies and backups, to mitigate the risks of cyber attacks.
The fight against cyber threats requires a concerted effort from all stakeholders, and organizations must take the necessary measures to keep data safe from unauthorized access. Censys remains committed to providing expert research to support organizations in securing systems, networks, and data for a safer digital environment.