The electronic data interchange (EDI) of the Department for Work and Pensions (DWP) in the United Kingdom can be done via the Generic File Transfer Service (GFTS) gateway.

This article is aimed at companies which need to exchange files and data with the DWP.

For example, as an housing association …

A security advisory was created for SFTPPlus version 3.41.1 affecting caching of HTTP files and injection of external content into HTTML error messages.

A security advisory was created for SFTPPlus version 3.39.0 affecting the SCP protocol for which existing files were not always fully overwritten upon a new file upload request.

A security advisory was created for SFTPPlus version 3.37.1 affecting authentication of accounts using the HTTP API.

A security advisory was created for SFTPPlus version 3.33.0 affecting Cross-Site Scripting Attacks for HTTP and HTTPS pages accessed via a web browser.

In this post, we outline two main compliance obligations relevant to Australia - the OIAC Privacy Act and the ASD ISM. For those familiar with other international compliance obligations, such as the GPG13 (Good Practice Guide) provided by the UK or HIPAA (Health Insurance Portability and Accountability Act) provided by the …

SFTPPlus is not affected by Meltdown and Spectre. SFTPPlus secure file transfers does not allow any arbitrary application code execution.

A security advisory was created for SFTPPlus version 3.21.0 affecting Linux and Unix systems authenticating operating system accounts over FTP.

A security advisory was created for SFTPPlus version 3.18.0 affecting Linux and Unix systems that rely on the umask functionality.