Surge in Cyber Attacks, Including Ransomware, Observed Among ConnectWise Users

Instances of the ConnectWise ScreenConnect remote management platform are now under attack from cyber threats after a critical vulnerability in the service was disclosed. One individual using a leaked variant of LockBit ransomware is among those carrying out the attacks. The vulnerability, known as CVE-2024-1709, is easy to exploit and allows for authentication bypass. Another less severe but still dangerous issue, CVE-2024-1708, is also circulating. ConnectWise has released patches to address the vulnerabilities and users are advised to apply them immediately. As predicted, attacks are already occurring, with multiple instances of malware, Remote Access Trojans (RATs), infostealers, password stealers, and ransomware being used against vulnerable ScreenConnect servers. Users are urged to isolate vulnerable servers and clients, patch them, and look for signs of compromise. Action1, a patch management specialist, warns that thousands of instances could potentially be compromised. Cloud customers hosting ScreenConnect servers on certain domains are not affected. Approximately 9,000 vulnerable instances of ScreenConnect are exposed to the internet, with around 500 in the UK. Sophos emphasizes the need for users to go beyond patching and to proactively assess their exposure and investigate for potential malicious activity. ConnectWise has stated that the vulnerabilities have been swiftly addressed, with cloud partners automatically protected and on-premise customers urged to apply the provided patch. ConnectWise is committed to the security of its systems and will continue to address vulnerabilities promptly. At this time, there is no direct link established between the vulnerability and any security incidents.

Unlock your business potential with our expert guidance. Get in touch now!

How-to-set-up-an-SFTP-server-on-Linux.jpeg

Setting Up an SFTP Server on Linux: A Step-by-Step Guide

tr_20250113-supporters-of-chromium-based-browsers.jpg

Linux Foundation Launches Initiative to Back Chromium Development

People-hero-AdobeStock_274661574.jpg

AI Promises Time Savings, Yet It Seems to Be Taking It Away

tr_20250110-it-hiring-outlook-australia-2025.jpg

Australian IT Sector Projects Robust Employment Growth for 2025

voip-security-and-encryption-featured-image-01092025-min.jpg

Concerned About VoIP Security and Encryption? We’ve Got You Covered.

windows-fax-and-scan-featured-image-01092025-min.png

7 Easy Steps to Utilize Windows Fax and Scan

AdobeStock_396712760.jpg

The Future of Open Source Software Security: What to Expect in 2025