Globalscape Malicious Jun 2026

A critical out-of-bounds memory read flaw in the Globalscape EFT administration server could allow attackers to bypass authentication or crash the service.

) are allowed to enter the gateway. Multi-Factor Authentication (MFA): To ensure no stolen credentials can be used to bypass entry points. Data Sovereignty Controls: Automated workflows that redact sensitive information (like PII or credit card data) from files before they even leave the sender's hands. In this digital globalscape, the malicious actor finds that the very "superspeedway" they tried to hijack has become a fortress of SFT (Secure File Transfer) Threat Protection . AI can make mistakes, so double-check responses Copy Creating a public link... You can now share this thread with others Good response Bad response 14 sites Globalscape https://kb.globalscape.com How do I prevent users from uploading malicious files to EFT? First, designate which extensions are allowed (not allowed) for uploads: Create an Event Rule that detects, renames, and if a file... Globalscape https://www.globalscape.com Threat Protection - Secure ICAP Gateway - Globalscape What is the SFT Threat Protection Bundle? Sharing information comes with inherent risks. There's the risk of opening your systems ... Globalscape https://www.globalscape.com Blog - Globalscape Stop Bad IPs Continually with Globalscape's Threat Brain Integration. ... In today's cybersecurity environment, every bit of proac... Globalscape https://www.globalscape.com Meeting PCI DSS Compliance with Globalscape EFT Mar 29, 2017 — globalscape malicious

Malware: Certain versions of Globalscape's software have been flagged as potentially malicious or have been exploited by threat actors to distribute malware. A critical out-of-bounds memory read flaw in the

In 2023, the Cl0p ransomware gang exploited a zero-day vulnerability in Fortra’s GoAnywhere MFT (CVE-2023-0669). While this specific vulnerability targeted GoAnywhere, it cast a shadow over the entire Fortra MFT portfolio, which includes GlobalSCAPE EFT. You can now share this thread with others

This report details how legitimate GlobalSCAPE binaries are utilized by Advanced Persistent Threats (APT) and cybercriminal groups to evade detection, specifically highlighting the 2023 MOVEit/GoAnywhere attacks affecting the parent company (Fortra), and the abuse of legitimate GlobalSCAPE executables to bypass Application Whitelisting.

Security teams should search for the following artifacts to identify potential abuse:

As a cornerstone of , Globalscape EFT is designed to move sensitive data securely. However, its popularity makes it a prime target for bad actors looking to exploit vulnerabilities or use it as a vector for malware delivery. Protecting your environment requires a multi-layered defense strategy that addresses both the software's integrity and the safety of the content it carries. 1. Hardening the Infrastructure Against Exploits