Surge in Cyber Attacks, Including Ransomware, Observed Among ConnectWise Users

Instances of the ConnectWise ScreenConnect remote management platform are now under attack from cyber threats after a critical vulnerability in the service was disclosed. One individual using a leaked variant of LockBit ransomware is among those carrying out the attacks. The vulnerability, known as CVE-2024-1709, is easy to exploit and allows for authentication bypass. Another less severe but still dangerous issue, CVE-2024-1708, is also circulating. ConnectWise has released patches to address the vulnerabilities and users are advised to apply them immediately. As predicted, attacks are already occurring, with multiple instances of malware, Remote Access Trojans (RATs), infostealers, password stealers, and ransomware being used against vulnerable ScreenConnect servers. Users are urged to isolate vulnerable servers and clients, patch them, and look for signs of compromise. Action1, a patch management specialist, warns that thousands of instances could potentially be compromised. Cloud customers hosting ScreenConnect servers on certain domains are not affected. Approximately 9,000 vulnerable instances of ScreenConnect are exposed to the internet, with around 500 in the UK. Sophos emphasizes the need for users to go beyond patching and to proactively assess their exposure and investigate for potential malicious activity. ConnectWise has stated that the vulnerabilities have been swiftly addressed, with cloud partners automatically protected and on-premise customers urged to apply the provided patch. ConnectWise is committed to the security of its systems and will continue to address vulnerabilities promptly. At this time, there is no direct link established between the vulnerability and any security incidents.

Unlock your business potential with our expert guidance. Get in touch now!

silenced-gagged-secret-Michael-adobe.jpg

Post Office Criticized for Deleting Comments on IT Scandal from Social Media

Whitehouse-fotolia-scaled.jpg

When Leaders Overlook Cybersecurity Guidelines, the Entire System Suffers

Police-crime-2-adobe.jpg

Police Digital Service Board Director Resigns Months After CISO’s Departure

surveillance-CCTV-facial-recognition-Gorodenkoff-adobe.jpg

Essex Police Reveals ‘Incoherent’ Facial Recognition Evaluation

chatbot-1-fotolia.jpg

Podcast: RSA 2025 – Navigating AI Risks and the CISO’s Role

hybrid-cloud-storage-fotolia.jpg

Trump’s Visit Strengthens Saudi Arabia’s AI Initiatives

threat-management-fotolia.jpg

Security Tests Uncover Major Vulnerability in Government’s One Login Digital ID System