image credit: James / Flickr

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal data from the airplane maker Bombardier and leak data on the site operated by the Clop ransomware gang.

The wave of attacks exploiting multiple zero-day vulnerabilities in the Accellion File Transfer Appliance (FTA) software began in mid-December 2020, threat actors use to deploy a shell dubbed DEWMODE on the target networks. Security experts from FireEye linked the cyber attacks to the cybercrime group UNC2546, aka FIN11. The attackers exfiltrate sensitive data from the target systems and then published it on the CLOP ransomware gang’s leak site.

Read More on Security Affairs