ThreatLocker Mitigation and GoAnywhereMFT Zero-Day Exploit
Note: This article is based on documentation from Bleeping Computer. Source: https://www.bleepingcomputer.com/news/security/goanywhere-mft-zero-day-vulnerability-lets-hackers-breach-servers/
What is GoAnwhere MFT Zero-Day Exploit?
GoAnywhere MFT is a secure web file transfer solution that allows companies to transfer encrypted files with their partners while keeping detailed audit logs of who accessed the files.
A Zero-Day Remote Code Injection exploit was identified in GoAnywhere MFT, according to Bleeping Computer.
- Firstly, permit the application through our Allowlisting solution.
- If you must permit it, use Ringfencing to protect/restrict file access.
- Use Network Access Controls to block all unknown ports.
- This will mitigate the threat as it is a SAAS product and requires the exposing of a port 8000+ to work.
Did this answer your question?
Thanks so much for your feedback!
%s of people found this helpful.