Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security IBM

Ransomware Crooks Are Exploiting IBM File-Exchange Bug With a 9.8 Severity (arstechnica.com) 18

Threat actors are exploiting a critical vulnerability in an IBM file-exchange application in hacks that install ransomware on servers, security researchers have warned. From a report: The IBM Aspera Faspex is a centralized file-exchange application that large organizations use to transfer large files or large volumes of files at very high speeds. Rather than relying on TCP-based technologies such as FTP to move files, Aspera uses IBM's proprietary FASP -- short for Fast, Adaptive, and Secure Protocol -- to better utilize available network bandwidth. The product also provides fine-grained management that makes it easy for users to send files to a list of recipients in distribution lists or shared inboxes or workgroups, giving transfers a workflow that's similar to email.

In late January, IBM warned of a critical vulnerability in Aspera versions 4.4.2 Patch Level 1 and earlier and urged users to install an update to patch the flaw. Tracked as CVE-2022-47986, the vulnerability makes it possible for unauthenticated threat actors to remotely execute malicious code by sending specially crafted calls to an outdated programming interface. The ease of exploiting the vulnerability and the damage that could result earned CVE-2022-47986 a severity rating of 9.8 out of a possible 10. On Tuesday, researchers from security firm Rapid7 said they recently responded to an incident in which a customer was breached using the vulnerability.

This discussion has been archived. No new comments can be posted.

Ransomware Crooks Are Exploiting IBM File-Exchange Bug With a 9.8 Severity

Comments Filter:
  • "now that's a name I have not heard in a long time."
    • by bn-7bc ( 909819 )
      Not very surprising since IBM has been out of the consumer space for a rather long time. But they do have platforms if you need massive I/O and serious computing power, that is at the level where just clustering racks of x64 servers becomes inefficient. I am ofc referring to Z-series mainframes and the like, and before you say mainframes are only for really old legacy, it seams that Amazon (Read this a year or to back so plz pardon the lack of a link) is relying quite heavily on them to cope with demand dur
  • So.... (Score:5, Funny)

    by dfn5 ( 524972 ) on Wednesday March 29, 2023 @11:26AM (#63409076) Journal

    Aspera uses IBM's proprietary FASP -- short for Fast, Adaptive, and Secure Protocol -- to better utilize available network bandwidth.

    I suppose now it's just the Fast Adaptive Protocol. That's an unfortunate acronym.

    • by Pascoea ( 968200 )
      Dammit, you beat me to it! (Pardon the pun)
    • Gah!
      I visited this page just to post that, only to find out my EPYC (ahem) line was stolen...

    • by rjune ( 123157 )

      How about FAIP, or Fast, Adaptive, and Insecure Protocol. We could have a lot of fun with this, since it's partially secure, Half FAS Protocol?

  • by ttspttsp ( 7600944 ) on Wednesday March 29, 2023 @11:28AM (#63409084)
    elaborate attempt to market IBM's proprietary data transfer protocol?
  • by ctilsie242 ( 4841247 ) on Wednesday March 29, 2023 @12:12PM (#63409208)

    I'm sort of curious what is so special about FASP? Does it use UDP like old-school active FTP that created a TCP session, then a data channel over UDP was done? Or does it do a "tunnel", set up keys on each side, and then does UDP over that, with some key management to set up encryption/authentication over a sliding window?

    It would have to be UDP when over the Internet, as any other protocols likely would be dropped.

    I'm sure it works, because even HTTP supports UDP, but wonder if it works well enough to pay the big bucks for these devices.

  • What's stopping people from updating?
    • by bn-7bc ( 909819 )
      Coordination of maintenance windows and this being an IBM product, not having the license for the updated version of the sw :) Or am I thinking of Oracle/SUN hmm......
  • No, not even when you are IBM, at least not today.

You know you've landed gear-up when it takes full power to taxi.

Working...