WS_FTP Server Under Attack Days After Vulnerabilities Disclosed

Researchers spotted mass exploitation attempts against vulnerabilities in WS_FTP Server. The attacks began on September 30.
Rapid7 analyzed the exploit chain and believes a single threat actor is responsible for the attempts across multiple WS_FTP instances.
The attacks are exploiting one or more of the 8 vulnerabilities disclosed by Progress Software on September 28. Rapid7 urges upgrading WS_FTP immediately.
This comes after Progress' MOVEit product was mass exploited by the Cl0p gang earlier this year, impacting 400+ organizations.
As a result of the MOVEit incidents, Progress is facing multiple lawsuits due to ongoing attacks that may net Cl0p up to $100 million.

theregister.com

Relevant topic timeline:

9/28/2023

Progress Urges Patch for Critical WS_FTP Flaws; Over 2,100 Hit by MOVEit Ransomware Attacks

Progress Software has warned customers to patch a critical vulnerability in its WS_FTP Server software, which has been exploited in recent data theft attacks, allowing unauthenticated attackers to execute remote commands and perform file operations outside the authorized folder path.