
Progress ShareFile Users: Company Orders Immediate Shutdown Over Security Threat
If your business uses ShareFile for file storage, Progress Software has ordered customers to shut down specific servers immediately due to a confirmed security threat.
Source
The Hacker News
Original headline: URGENT - Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat
Plain-English summary by GetCyberRight. Read the full report at the source above.
Progress Software, the company behind ShareFile file sharing service, has told its customers to immediately shut down their Windows servers that run Storage Zone Controllers. The company confirmed it is responding to what it calls a credible external security threat. Progress has also temporarily disabled access to affected customer accounts as a precautionary measure while it investigates the situation. This primarily affects businesses and organizations that use ShareFile with their own Storage Zone Controllers. These are special servers that some ShareFile customers run on their own Windows computers to store and manage files. If you or your employer use ShareFile but do not run your own Storage Zone Controller, this issue likely does not affect you directly. However, if you work for a company that manages its own ShareFile storage, your IT team should already be working on this.
If you use ShareFile for work, here is what you should do right now.
- Contact your company's IT department or the person who manages your ShareFile account to confirm whether you are affected.
- If your organization does use Storage Zone Controllers, make sure they follow Progress Software's instructions to shut them down immediately.
- Watch for official communications from your employer or from Progress Software about when it is safe to resume normal operations.
- Be extra cautious about any emails claiming to be from ShareFile, as attackers may try to take advantage of this situation with phishing attempts. For long term protection, remember that business file sharing services hold sensitive company information. Always use strong, unique passwords for work accounts and enable two factor authentication if your company offers it. Keep your work files separate from personal files. If you receive any suspicious emails about this incident, forward them to your IT department before clicking any links or downloading attachments.
Curated from trusted cybersecurity sources by GetCyberRight
Source: The Hacker NewsStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Government Cybersecurity Agency Accidentally Exposed Its Own Passwords Online
CISA, the agency responsible for protecting government computer systems, had employee passwords accidentally posted publicly on GitHub by a contractor.
2 min read
CISA Contractor Accidentally Exposed Passwords in Public Online Repository
An employee of a contractor working for the U.S. cybersecurity agency CISA accidentally uploaded passwords to a publicly accessible location on GitHub.
2 min readWhy Firmware Attacks Now Threaten Your Smart Home Devices
Six newly discovered vulnerabilities in common device firmware let attackers hide malware where your antivirus can't see it. Here's what families need to know.
3 min readRyuk Ransomware Criminal Faces 15 Years: What Families Need to Know
An Armenian hacker pleaded guilty to ransomware attacks on U.S. businesses. His arrest proves cybercriminals can be caught and prosecuted.
3 min read