* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Saturday, September 27, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Cardi B Adds More Dates to Little Miss Drama Tour: ‘Y’all Making Me Work’ – Yahoo

    Cardi B Extends Little Miss Drama Tour: “Y’all Making Me Work

    ‘Today’: Sheinelle Jones Thanks Katie Couric for Support After Husband’s Death – CBS 19 News

    Sheinelle Jones Expresses Heartfelt Thanks to Katie Couric for Support After Husband’s Passing

    Sate your hunger at DBA’s Taste of Downtown – Bakersfield.com

    Indulge Your Cravings at DBA’s Taste of Downtown!

    Caesars Entertainment (CZR): Assessing Valuation After Times Square Casino Setback and Mounting Investor Concerns – simplywall.st

    Caesars Entertainment Faces Times Square Casino Hurdles as Investor Concerns Mount

    Why Hilaria Baldwin Has Found the ‘DWTS’ Process ‘Embarrassing’ At Times – WFXG

    Hilaria Baldwin Opens Up About the Embarrassing Moments on Her ‘DWTS’ Journey

    Harvest Fest 2025 – yadkinripple.com

    Celebrate the Bounty: Harvest Fest 2025 is Coming!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Aurora police hope to add facial recognition technology to crime-fighting tools – CBS News

    Aurora Police Aim to Boost Crime-Fighting with New Facial Recognition Technology

    Autonomous Solutions shows off cutting-edge technology for the public – Cache Valley Daily

    Autonomous Solutions Unveils Cutting-Edge Technology for the Public

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    What are we really gaining from technology? – Fast Company

    What Are We Really Gaining from Technology?

    TOMI Environmental Solutions, Inc. Expands SteraMist iHP Technology Services in Healthcare Sector with New Provider Partnership – Quiver Quantitative

    TOMI Environmental Solutions Accelerates SteraMist iHP Technology Expansion in Healthcare with New Provider Partnership

    Indiana County Technology Center’s Joint Operating Committee looks to the future as program plans began to take shape – Indiana Gazette Online

    Indiana County Technology Center’s Joint Operating Committee Charts an Exciting Path Forward as New Program Plans Take Shape

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Cardi B Adds More Dates to Little Miss Drama Tour: ‘Y’all Making Me Work’ – Yahoo

    Cardi B Extends Little Miss Drama Tour: “Y’all Making Me Work

    ‘Today’: Sheinelle Jones Thanks Katie Couric for Support After Husband’s Death – CBS 19 News

    Sheinelle Jones Expresses Heartfelt Thanks to Katie Couric for Support After Husband’s Passing

    Sate your hunger at DBA’s Taste of Downtown – Bakersfield.com

    Indulge Your Cravings at DBA’s Taste of Downtown!

    Caesars Entertainment (CZR): Assessing Valuation After Times Square Casino Setback and Mounting Investor Concerns – simplywall.st

    Caesars Entertainment Faces Times Square Casino Hurdles as Investor Concerns Mount

    Why Hilaria Baldwin Has Found the ‘DWTS’ Process ‘Embarrassing’ At Times – WFXG

    Hilaria Baldwin Opens Up About the Embarrassing Moments on Her ‘DWTS’ Journey

    Harvest Fest 2025 – yadkinripple.com

    Celebrate the Bounty: Harvest Fest 2025 is Coming!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Aurora police hope to add facial recognition technology to crime-fighting tools – CBS News

    Aurora Police Aim to Boost Crime-Fighting with New Facial Recognition Technology

    Autonomous Solutions shows off cutting-edge technology for the public – Cache Valley Daily

    Autonomous Solutions Unveils Cutting-Edge Technology for the Public

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    What are we really gaining from technology? – Fast Company

    What Are We Really Gaining from Technology?

    TOMI Environmental Solutions, Inc. Expands SteraMist iHP Technology Services in Healthcare Sector with New Provider Partnership – Quiver Quantitative

    TOMI Environmental Solutions Accelerates SteraMist iHP Technology Expansion in Healthcare with New Provider Partnership

    Indiana County Technology Center’s Joint Operating Committee looks to the future as program plans began to take shape – Indiana Gazette Online

    Indiana County Technology Center’s Joint Operating Committee Charts an Exciting Path Forward as New Program Plans Take Shape

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

ConnectWise users see cyber attacks surge, including ransomware

February 24, 2024
in Technology
ConnectWise users see cyber attacks surge, including ransomware
Share on FacebookShare on Twitter

Skórzewiak – stock.adobe.com

ConnectWise ScreenConnect users who have yet to patch against a critical vulnerability are now being targeted by a barrage of cyber attacks, including ransomware


Alex Scroxton

By

Alex Scroxton,
Security Editor

Published: 23 Feb 2024 15:51

Cyber attacks against vulnerable instances of the ConnectWise ScreenConnect remote management platform are now being observed following the disclosure of a critical vulnerability in the service, including some by an individual using a leaked variant of LockBit ransomware.

CVE-2024-1709 – described as “trivial” to exploit by one researcher who has poked around under the bonnet – is an authentication bypass vulnerability and was disclosed earlier this week. A second, less severe but still dangerous issue, CVE-2024-1708, is also in circulation.

Patches are available and further details of how to apply these, and who needs to do so, are available from ConnectWise.

Given the ease of exploitation, observers had already been predicting that attacks would unfold in short order, and this now appears to be the case, as Sophos X-Ops director Christopher Budd observed.

“We’ve seen multiple attacks involving ScreenConnect in the past 48 hours. The most noteworthy has been a malware that was built using the LockBit 3 ransomware builder tool leaked in 2022: this may not have originated with the actual LockBit developers. But we’re also seeing RATs [remote access Trojans], infostealers, password stealers and other ransomware. All of this shows that many different attackers are targeting ScreenConnect,” said Budd

“Anyone using ScreenConnect should take steps to immediately isolate vulnerable servers and clients, patch them and check for any signs of compromise. Sophos has extensive guidance and threat hunting material from Sophos X-Ops to help. We are continuing our investigations and will make updates as needed,” he told Computer Weekly in emailed comments.

Mike Walters, president and co-founder of Action1, a patch management specialist, was among those urging ConnectWise customers to sit up and take notice. “Potentially there could be thousands of compromised instances. The massive attack exploiting these vulnerabilities may be similar to the Kaseya vulnerability exploitation in 2021, as ScreenConnect is a very popular RMM among MSPs and MSSPs, and could result in comparable damage,” he said.

“The security advisory states that updated ScreenConnect versions 22.4 through 23.9.7 are planned for release and emphasises the recommendation to upgrade to ScreenConnect version 23.9.8 as a priority.

“Cloud customers hosting ScreenConnect servers on the ‘screenconnect.com’ or ‘hostedrmm.com’ domains are not affected, as updates have been implemented to address these vulnerabilities in the cloud service,” added Walters.

At the time of writing, Shodan data shows that there are around 9,000 vulnerable instances of ScreenConnect exposed to the internet, with just under 500 of those located in the UK.  

Sophos said the simplicity of exploitation made it imperative for users to assess their exposure and take steps beyond simply patching.

For maximum protection, security teams should be sure they have identified all ScreenConnect installations – including those run by external managed service providers (MSPs), isolate or uninstall the client software from identified devices until they can confirm they have patched, and then check those devices for potential malicious activity. This can include the creation of new local users, suspicious client software activity, system and domain recon, and any actions that may indicate someone has attempted to disable security controls.

A spokesperson for ConnectWise told Computer Weekly: “We have swiftly addressed the two vulnerabilities in our ScreenConnect software. Our cloud partners were automatically protected within 48 hours, while on-premise customers were urged to apply the provided patch immediately through the upgrade path we provided. We remain committed to prioritising the security of our partners’ systems and will continue to take proactive measures to address vulnerabilities promptly and effectively.

They added: “At this time, we cannot definitively establish a direct link between the vulnerability and any security incidents.”

This article was edited at 17:30 GMT on 23 February 2024 to incorporate a statement from ConnectWise.

Read more on Data breach incident management and recovery


ConnectWise ScreenConnect flaws under attack, patch now

AlexanderCulafi

By: Alexander Culafi


Cyber experts alarmed by ‘trivial’ ConnectWise vulns

AlexScroxton

By: Alex Scroxton


LockBit locked out: Cyber community reacts

AlexScroxton

By: Alex Scroxton


CISA reveals how LockBit hacked Boeing via Citrix Bleed

AlexScroxton

By: Alex Scroxton

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366571022/ConnectWise-users-see-cyber-attacks-surge-including-ransomware

Tags: ConnectWisetechnologyusers
Previous Post

NCA trolls under fire LockBit gang leaders

Next Post

King Charles strips disgraced Post Office CEO of her CBE

What happens when President Trump attends major sports events – and why he does it – The Athletic – The New York Times

What happens when President Trump attends major sports events – and why he does it – The Athletic – The New York Times

September 27, 2025
New Delhi 2025: Preview, stars and how to watch the World Championships – Paralympic.org

New Delhi 2025 World Championships: Top Athletes to Watch and How You Can Catch the Action

September 27, 2025
Stock market exodus to Wall Street hits 20-year high – EL PAÍS English

Stock market exodus to Wall Street hits 20-year high – EL PAÍS English

September 27, 2025
October Prime Day TV Deals: Elevate Your Entertainment Space With These Early Savings – CNET

October Prime Day TV Deals: Upgrade Your Entertainment Space with These Early Savings

September 27, 2025
Georgia’s Medicaid work requirement program spent twice as much on administrative costs as on health care, GAO says – North Carolina Health News

Georgia’s Medicaid Work Requirement Program Spent Twice as Much on Administration as on Patient Care, GAO Finds

September 27, 2025
TGIF: Ian Donnis’ Rhode Island politics roundup for Sept. 26, 2025 – The Public’s Radio

TGIF: Ian Donnis’ Rhode Island politics roundup for Sept. 26, 2025 – The Public’s Radio

September 27, 2025
City Parks Initiative Launches Ecological Tracker for Bond Projects – Citizen Portal AI

Revolutionary Ecological Tracker Unveiled to Transform Monitoring of City Parks Bond Projects

September 27, 2025
Award-winning science writer leads student discussions at Eckerd – theonlinecurrent.com

Award-Winning Science Writer Inspires Student Discussions at Eckerd College

September 27, 2025
Human Head Transplants: Where the Science Stands, and Why the Ethics Are So Complicated – Discover Magazine

Human Head Transplants: The Science Behind the Procedure and the Complex Ethical Debate

September 27, 2025
New lifestyle brand TENŌRE set to open flagship store in Waikīkī – KITV

New lifestyle brand TENŌRE set to open flagship store in Waikīkī – KITV

September 27, 2025

Categories

Archives

September 2025
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
2930  
« Aug    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (839)
  • Economy (860)
  • Entertainment (21,734)
  • General (17,271)
  • Health (9,903)
  • Lifestyle (872)
  • News (22,149)
  • People (861)
  • Politics (870)
  • Science (16,069)
  • Sports (21,360)
  • Technology (15,842)
  • World (842)

Recent News

What happens when President Trump attends major sports events – and why he does it – The Athletic – The New York Times

What happens when President Trump attends major sports events – and why he does it – The Athletic – The New York Times

September 27, 2025
New Delhi 2025: Preview, stars and how to watch the World Championships – Paralympic.org

New Delhi 2025 World Championships: Top Athletes to Watch and How You Can Catch the Action

September 27, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version