Every hour, PaceLine exchanged 15,000 sensitive shipping manifests with customs brokers. This traffic flowed through a Globalscape EFT server. Unbeknownst to the IT team, a junior developer had accidentally left an hardcoded in a legacy script three years ago. That credential had just appeared on a dark web leak site.
Because the engine didn't just block the IP (which the attacker would change), it allowed the attacker to stay in a sandboxed environment, wasting his time while collecting his TTPs (Tactics, Techniques, and Procedures). globalscape active threat