Australian orgs exposed to Accellion vulnerability


By Dylan Bushell-Embling
Thursday, 21 January, 2021


Australian orgs exposed to Accellion vulnerability

The Australian Cyber Security Centre (ACSC) has warned that Australian organisations may have been impacted by the Accellion File Transfer Appliance (FTA) vulnerability that was behind the Reserve Bank of New Zealand data breach disclosed last week.

In a threat advisory, the ACSC said it has been working with cybersecurity partners to assist Australian organisations in relation to the vulnerability since 12 January, when the Reserve Bank revealed it had been breached.

The SQL injection vulnerability has the potential to be exploited to provide attackers with access to content stored on and accessible by the FTA instance, the ACSC said in the advisory, which has an alert status of high.

The ACSC is advising organisations running the vulnerable versions of the Accellion application to apply security patches as advised by the vendor, and to temporarily isolate or block internet access to and from systems hosting the FTA software until this is achieved.

Organisations should also conduct an audit of FTA user accounts for any changes, and consider requiring a password reset for FTA users, the advisory states. But ultimately, because Accellion considers the FTA to be a legacy product, organisations still using the product should migrate to supported products.

Image credit: ©stock.adobe.com/au/Leo Lintang

Related News

Study reveals three non-negotiables for Aussie online shoppers

A report from SOTI has found that 83% of Australian consumers would 'blacklist' an online...

Labor calls for national ransomware strategy

Two Labor shadow cabinet members have called for a national ransomware strategy to tackle the...

Former ADF Info Warfare head joins ParaFlare

The ADF's former Head of Information Warfare Dr Marcus Thompson has joined ParaFlare as a...


  • All content Copyright © 2021 Westwick-Farrow Pty Ltd