Fortra Globalscape EFT Administration Server reported in mid-2023: Authentication Bypass (CVE-2023-2989): A critical out-of-bounds memory read flaw that can allow remote attackers to bypass authentication on the administration server, potentially granting unauthorized control over enterprise file transfers. Remote Code Execution (RCE): One of the vulnerabilities disclosed by Rapid7 could lead to remote code execution as a SYSTEM user, though it is noted as difficult to exploit. Denial of Service (CVE-2023-2990): An unauthenticated remote attacker can crash the service using a specially crafted recursively compressed packet. Information Disclosure (CVE-2023-2991): An issue where the hard drive serial number of the server can be remotely determined. SentinelOne +5 Facebook Context Facebook groups focused on cybersecurity, such as this InfoSec group , have shared these vulnerabilities, noting the potential for data to be made available online if these flaws are exploited. Other posts from security vendors like Blue Karma Security have historically used Globalscape news to highlight the broader trend of "breach booms" in managed file transfer (MFT) solutions. Facebook +1 Mitigation Globalscape released patches for these vulnerabilities in versions
Historically, Globalscape has relied on rigorous penetration testing and proactive patching to mitigate these risks before they escalate into full-scale breaches. Why Facebook is Mentioned site%3afacebook.com+globalscape+breached
The specific search string site:facebook.com globalscape breached often leads users to a mix of two unrelated but massive cybersecurity events. One is the , which exposed the data of over 530 million users. The other is the series of devastating attacks on MFT software providers like Accellion , GoAnywhere , and MOVEit . Globalscape and the MFT Threat Landscape such as this InfoSec group