News on Medial

Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack

TechCrunchTechCrunch · 10m
Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack

Security researchers have discovered two vulnerabilities in ConnectWise ScreenConnect, a popular remote-access tool used by over a million companies. Hackers are mass exploiting these flaws to deploy ransomware and steal sensitive data. The vulnerabilities include an authentication bypass issue and a path-traversal vulnerability allowing attackers to remotely plant malicious code. Although ConnectWise disclosed the flaws and urged customers to install patches, thousands of servers remain vulnerable. Cybersecurity firms have observed various threat actors exploiting the flaws, deploying password stealers, back doors, and ransomware. The scope of the vulnerabilities' impact is currently unknown.

Comments

Download the medial app to read full posts, comements and news.