Security bug left more than 1,000 organizations exposed to ransomware, device hijacking

Security researchers discover two major flaws in FileWave’s endpoint (opens in new tab) management software that could have provided threat actors with a way to bypass authentication measures and completely take over the affected devices.

The errors affected more than 1,100 Internet-accessible FileWave administrative instances used by large government agencies, schools, small businesses, and many other businesses. In addition to completely taking over the instances, threat actors could have used the backdoor to launch ransomware (opens in new tab) attacks or steal sensitive data.


Source link