Accellion zero-day claims a new victim in cybersecurity company Qualys


Qualys has revealed that a “limited” number of customers may have been impacted by a data breach connected to an Accellion zero-day vulnerability.

The cloud security and compliance firm said on Wednesday that the security incident did not have any “operational impact,” but “unauthorized access” had been obtained to an Accellion FTA server used by the company.

Accellion File Transfer Appliance (FTA) is enterprise-grade software used for file transfers. In December 2020, FireEye’s Mandiant discovered that the Clop ransomware group was exploiting previously-unknown vulnerabilities in the legacy software to extort organizations, threatening to leak sensitive data stolen from vulnerable servers unless a ransom was paid.

Read more…
Source: ZDMet