Progress Software program is emailing ShareFile clients utilizing Storage Zones Controller to instantly shut down their servers after figuring out what it says is a “credible exterior safety menace” concentrating on its on-premises safe file sharing software program.
ShareFile is Progress Software program’s enterprise safe file sharing and collaboration platform that enables clients to host information on Progress’s cloud infrastructure.
Nonetheless, organizations can select to deploy Storage Zones Controller on on-premises Home windows servers, permitting them to proceed utilizing ShareFile’s cloud platform for authentication, person administration, sharing, and collaboration whereas maintaining information hosted domestically in their very own storage.
In these hybrid deployments, ShareFile Cloud authenticates the person and determines which storage zone incorporates the file. When a person uploads or downloads a file, ShareFile sends the request to your group’s storage zone controller. Storage zone controllers retrieve or retailer information in your organization’s personal storage earlier than transferring them to customers.
Storage zones controllers deal with file transfers between cloud platforms and customer-managed storage, so they’re usually internet-accessible servers.
The warning, despatched to clients by way of electronic mail final evening and confirmed by BleepingComputer, is titled “Service Interruption. Fast Consideration Required.”
“We have now cause to imagine that there’s a credible exterior safety menace concentrating on Progress Software program’s ShareFile Storage Zones Controller,” the e-mail reads.
“Presently, there isn’t a indication of unauthorized entry to Progress ShareFile accounts or knowledge. As a precaution, we have now briefly disabled entry to ShareFile accounts utilizing storage zones controllers, together with these of our clients.”
Progress can also be instructing clients to manually shut down Home windows servers internet hosting storage zones controllers, indicating that merely disabling entry by way of the ShareFile cloud platform isn’t enough to mitigate the menace.
“You should manually shut down the server internet hosting the storage zones controller. This is a vital further step to make sure the protection of your knowledge,” the corporate instructed clients.
Progress mentioned it carried out the momentary restrictions “out of an abundance of warning” whereas working with inner and exterior cybersecurity consultants to analyze the menace, and mentioned it expects to offer new updates to clients inside 24 hours.
The ShareFile standing web page now shows a warning: “ShareFile clients utilizing Storage Zones Controller usually are not operational presently.”

Progress didn’t say whether or not the menace contained a zero-day vulnerability or whether or not the storage zones controller was compromised.
This warning is much like earlier assaults concentrating on company file switch and file sharing software program.
In 2023, the Clop extortion gang exploited a zero-day vulnerability in Progress MOVEit Switch to steal knowledge from hundreds of organizations and launch a widespread extortion marketing campaign in opposition to victims.
Since then, attackers have continued to focus on internet-facing managed file switch and enterprise file sharing platforms as a result of delicate knowledge is incessantly uncovered.
When requested by BleepingComputer for extra details about the cyber menace, a Progress spokesperson shared the identical particulars supplied to clients in an electronic mail.
Safety groups doc 54% of profitable assaults and challenge a warning on solely 14%. The remaining strikes invisibly by way of the surroundings.
Picus’ whitepaper exhibits methods to take a look at your SIEM and EDR guidelines in breach and assault simulations to make sure threats go undetected.
Get the white paper
