Download App

Startup Showcase

Join our whatsapp channel for quick updates

Switch theme

Blog . Feedback . Privacy

© 2024 Medial Tech Pvt. Ltd.

News on Medial

Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack

TechCrunch · 8m

Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack

Security researchers have discovered two vulnerabilities in ConnectWise ScreenConnect, a popular remote-access tool used by over a million companies. Hackers are mass exploiting these flaws to deploy ransomware and steal sensitive data. The vulnerabilities include an authentication bypass issue and a path-traversal vulnerability allowing attackers to remotely plant malicious code. Although ConnectWise disclosed the flaws and urged customers to install patches, thousands of servers remain vulnerable. Cybersecurity firms have observed various threat actors exploiting the flaws, deploying password stealers, back doors, and ransomware. The scope of the vulnerabilities' impact is currently unknown.

2

Comments

More Like this

The ConnectWise cyberattack just got a whole lot worse

The ConnectWise cyberattack just got a whole lot worse

North Korea-backed hackers target security researchers with 0-day

North Korea-backed hackers target security researchers with 0-day

They’ve begun: Attacks exploiting vulnerability with maximum 10 severity rating

They’ve begun: Attacks exploiting vulnerability with maximum 10 severity rating

Actively exploited Cisco 0-day with maximum 10 severity gives full network control

Actively exploited Cisco 0-day with maximum 10 severity gives full network control

Researchers spot cryptojacking attack that disables endpoint protections

Researchers spot cryptojacking attack that disables endpoint protections

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn | TechCrunch

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn | TechCrunch

Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it

Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it

Google Chrome users alert! Govt warns of vulnerability: How to stay safe

Google Chrome users alert! Govt warns of vulnerability: How to stay safe

Alert Apple Vision Pro users! Govt. warns against risk: Protect your device

Alert Apple Vision Pro users! Govt. warns against risk: Protect your device

Meet the Never-Updaters: Why Some People Refuse to Download New Software

Meet the Never-Updaters: Why Some People Refuse to Download New Software

Top Users

Trending Posts on Medial

The winner of our last giveaway where we asked Medial members "Who’s the most knowledgeable shark in ....

so, how many of you sent an email to d@zomato.com today :P ....

Tanmay bhat said "Only a foolish would not give luck any credit" This is so apt. Like I can't imag ....

Share your answer for a chance to win the book "Surrounded by Idiots" by Thomas Erikson. Go! Deadl ....

Basics on Medial🟣 Difference between b2c and d2c ....

Top News of the Day: 1. Google has been under fire in multiple antitrust trials for its internal co ....

What is costlier? ....

If ChatGPT got angry because of you, all it needs to do is add a simple instruction in its memory, a ....

Man behind India's third-largest food app after Zomato and Swiggy. 1. Anshoo Sharma had everything ....

Hey devs can I know how much would be the cost / how manu users it supports at x amount of time : f ....

Download the medial app to read full posts, comements and news.