🚨 Microsoft confirms Storm-1175 exploiting GoAnywhere MFT (CVE-2025-10035) in ongoing Medusa ransomware attacks.

The attacks:
- Remote deserialization vulnerability
- Lateral movement with RMM tools
- Exfiltration via Rclone
- Medusa ransomware payload deployment
💬 Security teams: Patch GoAnywhere instances immediately and monitor log files for SignedObject.getObject stack traces.

Follow @technadu for timely cybersecurity updates.

#CyberSecurity #GoAnywhereMFT #MedusaRansomware #RMMTools #ThreatIntel #DataProtection #IncidentResponse #InfoSec #TechNadu

The latest Fortra GoAnywhere MFT vulnerability has raised more than a few analysts' eyebrows, with expectations of widespread exploitation.

However, now that CISA has added CVE-2025-10035 to its Known Exploited Vulnerabilities Catalog, one specialist is questioning Fortra's response to the flaw, and if the company knows more than it's admitting.

#cybersecurity #goanywheremft #fortra

https://www.cyberdaily.au/security/12713-security-expert-questions-fortra-s-response-to-latest-goanywhere-mft-vulnerability

Security expert questions Fortra’s response to latest GoAnywhere MFT vulnerability

“The advisory and IOCs do not sit right with us” – watchTowr CEO, Benjamin Harris, on Fortra’s disclosure of CVE-2025-10035.

Cyber Daily

Check out yesterday’s episode of The CyberWire Daily podcast for insight into the state of the 🔎 #GoAnywhereMFT vulnerability from our team, along with my conversation with @bittner about our ✨2023 State of the Internet Report!

#SecurityResearch #ThreatHunting #Censys

https://podcasts.apple.com/us/podcast/the-cyberwire-daily/id1071831261

#Verpasstodon

Goanywhere attack: more and more extortion victims come to light

Russian ransomware came in via administrative access to the file transfer service Goanywhere MFT. The victims are prominent companies.

https://www.heise.de/news/Goanywhere-Attacke-Immer-mehr-Erpressungsopfer-bekannt-7638209.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#Erpressung #Fortra #Gesundheitsdaten #GoAnywhereMFT #Ransomware #Security #cl0p

Some analysis from my team and the Huntress Threat ops folks on recent exploitation of #GoanywhereMFT software, with a link to #Truebot malware and potential #ransomware deployment:

https://www.huntress.com/blog/investigating-intrusions-from-intriguing-exploits

Investigating Intrusions From Intriguing Exploits

On 02 February 2023, an alert triggered in a Huntress-protected environment. We dive into triaging the threat in this blog.