-: FOLLOW US :- @theinsaneapp
Hackers have accessed protected health information of 1 million patients from Community Health Systems, one of the largest hospital chains in the US.
-: FOLLOW US :- @theinsaneapp
The hackers used a vulnerability in GoAnywhere MFT, a managed file transfer product licensed by Fortra to large organizations.
-: FOLLOW US :- @theinsaneapp
The compromised data included protected health information and personal information of patients.
-: FOLLOW US :- @theinsaneapp
Cybersecurity firm Fortra issued a private advisory to customers warning about a “zero-day remote code injection exploit” targeting GoAnywhere, which has since been patched.
-: FOLLOW US :- @theinsaneapp
The attack vector of this exploit requires access to the administrative console of the application.
-: FOLLOW US :- @theinsaneapp
The Fortra breach led to the exposure of PHI and PI of patients of Community Health Systems affiliates.
-: FOLLOW US :- @theinsaneapp
The malware used in the attack was an updated version of Truebot, used by the Silence threat group, which has ties to ransomware group Clop.
-: FOLLOW US :- @theinsaneapp
The vulnerability is a pre-authentication deserialization issue with high exploitability and attacker value.
-: FOLLOW US :- @theinsaneapp
Organizations using GoAnywhere should take the threat seriously and patch the vulnerability.
-: FOLLOW US :- @theinsaneapp
Stop-gap measures include restricting network-level access to the administrator port and removing browser users’ access to the vulnerable endpoint.