Surge in Cyber Attacks, Including Ransomware, Observed Among ConnectWise Users

Instances of the ConnectWise ScreenConnect remote management platform are now under attack from cyber threats after a critical vulnerability in the service was disclosed. One individual using a leaked variant of LockBit ransomware is among those carrying out the attacks. The vulnerability, known as CVE-2024-1709, is easy to exploit and allows for authentication bypass. Another less severe but still dangerous issue, CVE-2024-1708, is also circulating. ConnectWise has released patches to address the vulnerabilities and users are advised to apply them immediately. As predicted, attacks are already occurring, with multiple instances of malware, Remote Access Trojans (RATs), infostealers, password stealers, and ransomware being used against vulnerable ScreenConnect servers. Users are urged to isolate vulnerable servers and clients, patch them, and look for signs of compromise. Action1, a patch management specialist, warns that thousands of instances could potentially be compromised. Cloud customers hosting ScreenConnect servers on certain domains are not affected. Approximately 9,000 vulnerable instances of ScreenConnect are exposed to the internet, with around 500 in the UK. Sophos emphasizes the need for users to go beyond patching and to proactively assess their exposure and investigate for potential malicious activity. ConnectWise has stated that the vulnerabilities have been swiftly addressed, with cloud partners automatically protected and on-premise customers urged to apply the provided patch. ConnectWise is committed to the security of its systems and will continue to address vulnerabilities promptly. At this time, there is no direct link established between the vulnerability and any security incidents.

Unlock your business potential with our expert guidance. Get in touch now!

Oxford-skyline-fotolia.jpg

Oxford University Introduces Cyber Resilience Module in MBA Curriculum

Hacker-stereotype-hoodie-code-adobe-hero.jpg

Co-op Warns Staff to Stay Vigilant Against Potential Hackers

fake-fact-misinformation-Lemonsoup14-adobe.jpg

Government and Ofcom Clash Over Scope of Online Safety Act

security-threat-cyber-attack-2-adobe.jpeg

Decoding Cyber Attacks: The Challenge and Its Importance

ransomware-attack-encrypted-files-adobe.jpg

Scattered Spider Linked to M&S Cyber Attack

chess-strategy-game-intelligence-2-adobe.jpeg

Ongoing Challenges as UK’s Cyber Security and Resilience Bill Progresses

Crime-arrest-handcuffs-adobe.jpg

Concerns Escalate Over UK MoJ Crime Prediction Algorithms