Progress Urges ShareFile Admins to Shut Down Servers Over Credible Threat
Urgent Action Required! 🚨
Progress Software is reaching out to ShareFile customers using Storage Zone Controllers, urging them to immediately shut down their servers. This action comes after the identification of a credible external security threat targeting the on-premises secure file-sharing software.
ShareFile is Progress Software’s enterprise secure file sharing and collaboration platform. Organizations can deploy Storage Zone Controllers on local Windows servers, allowing files to remain hosted within their own storage while still utilizing ShareFile’s cloud platform for authentication, user management, sharing, and collaboration.
What You Need to Know:
- Immediate Shutdown: The email warns that customers must manually shut down the Windows servers hosting Storage Zone Controllers. Simply disabling access through the ShareFile cloud platform is not sufficient to mitigate the threat.
- No Indications of Breach: Currently, there are no indications of unauthorized access to any Progress ShareFile accounts or data.
- Temporary Restrictions: Progress has implemented these restrictions out of an abundance of caution while collaborating with cybersecurity experts to investigate the threat. Another update is expected within 24 hours.
The ShareFile status page now indicates that customers with Storage Zone Controllers are not operational at this time. Progress has not disclosed whether the threat involves a zero-day vulnerability or if any Storage Zone Controllers have been compromised.
This warning echoes previous attacks targeting enterprise file transfer and file sharing software. In 2023, the Clop extortion gang exploited a zero-day vulnerability in Progress MOVEit Transfer, leading to significant data theft and extortion campaigns.
For more details, please read the full article here: Read full article