Scott Montgomery, VP of Federal, Island

The security vendor’s customers have confronted a barrage of actively exploited defects since 2021. The brute-force attack on a company-controlled system underscores broader security pitfalls are afoot.

Researchers said malicious activity dates back to early July and active exploitation was observed two months ago.

Multiple researchers and CISA have confirmed active exploitation of the maximum-severity defect. Fortra, the company behind the file-transfer service, remains silent.

The notorious ransomware group exploited multiple vulnerabilities, including a zero-day, for at least eight weeks before alleged victims received extortion demands.

The open-source software company said exposure is limited to consulting engagements, adding that it hasn’t found evidence of personal or sensitive data theft.

The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment.

Brian Carbaugh, CEO of Andesite

Authorities arrested 260 cybercrime suspects during a two-week operation spanning 14 African countries, Interpol announced Friday. The globally coordinated summertime crackdown dubbed “Operation Contender 3.0” targeted criminal…

Forta, the vendor behind the file-transfer service software, has yet to report exploitation or address evidence of compromise. Independent researchers say otherwise.