Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

Instagram lets you share Spotify songs with your story to your sound

June 30, 2025

At every stage of TechCrunch, Charles Hudson tells us what investors really see

June 30, 2025

Baidu’s AI Breakthrough Hasn’t Been Priced In — Why BIDU Could Hit $120 Soon

June 30, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    Instagram lets you share Spotify songs with your story to your sound

    June 30, 2025

    Privacy-centric app maker Proton sues Apple over anti-competitive practices and charges alleged

    June 30, 2025

    Google is adopting AI in classrooms, including new Gemini tools for educators and chatbots for students

    June 30, 2025

    The former meta engineer has built AI tools to plan every detail of a trip

    June 30, 2025

    Tinder asks new users in California to use facial recognition technology to check their profiles

    June 30, 2025
  • Crypto

    Vitalik Buterin reserves for Sam Altman's global project

    June 28, 2025

    Calci will close a $185 million round as rival Polymeruk reportedly seeks $200 million

    June 25, 2025

    Stablecoin Evangelist: Katie Haun's Battle of Digital Dollars

    June 22, 2025

    Hackers steal and destroy millions of Iran's biggest crypto exchanges

    June 18, 2025

    Unique, a new social media app

    June 17, 2025
  • Security

    US government overthrows North Korea's major “workers” management

    June 30, 2025

    Mexican drug cartel hackers spy on FBI officials' phones to track and kill informants, the report says

    June 30, 2025

    FBI, cybersecurity firms say prolific hacking crews are currently targeting airlines and transportation sectors

    June 28, 2025

    Prolific cybercrime gangs currently targeting the airline and transportation sector

    June 27, 2025

    US and French authorities confirm arrest of a violation form hacker

    June 26, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    At every stage of TechCrunch, Charles Hudson tells us what investors really see

    June 30, 2025

    From $5 to Financial Empowerment: Why Stash co-founder Brandon Krieg is a must-see for TechCrunch All Stage 2025

    June 30, 2025

    A comprehensive list of 2025 tech layoffs

    June 30, 2025

    How to prepare for a second semester salary increase now live in 2025

    June 30, 2025

    Tiffany is lucky to have won a VCS at TC at every stage.

    June 30, 2025
TechBrunchTechBrunch

Researchers warn that high-risk ConnectWise flaws under attack are 'embarrassingly easy' to exploit

TechBrunchBy TechBrunchFebruary 21, 20244 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


“We can't bring it to the surface. This is awful,” Huntress CEO said

Security experts are A high-risk vulnerability in a widely used remote access tool is “easy and embarrassingly easy” to exploit, as the software's developer confirmed that malicious hackers are actively exploiting the flaw. he warned.

This maximum severity vulnerability affects ConnectWise ScreenConnect (formerly ConnectWise Control), a popular remote access software that enables managed IT providers and technicians to provide real-time remote technical support to customer systems. give.

The flaw, described as an authentication bypass vulnerability, could allow an attacker to remotely steal sensitive data or deploy malicious code such as malware from a vulnerable server. The vulnerability was first reported to ConnectWise on February 13th, and the company detailed the bug in a security advisory published on February 19th.

ConnectWise initially said there was no indication of public exploitation, but in an update on Tuesday it said ConnectWise had “received updated information on compromised accounts that our incident response team was able to investigate and confirm.” He said he confirmed it.

The company also shared three IP addresses that it said were “recently used by threat actors.”

In response to questions from TechCrunch, ConnectWise spokesperson Amanda Lee declined to say how many customers were affected, but said ConnectWise is aware of “limited reports” of suspected intrusions. Stated. Lee added that 80% of her customer environment is cloud-based and patches were automatically applied to her within 48 hours.

When asked if ConnectWise was aware of any data breaches or had the means to detect whether data had been accessed, Lee said: “No data breaches have been reported to us.”

Florida-based ConnectWise provides its remote access technology to more than 1 million small businesses, according to its website.

Cybersecurity firm Huntress on Wednesday released an analysis of an actively exploited ConnectWise vulnerability. John Hammond, a security researcher at Huntress, told his TechCrunch that Huntress is aware of an “ongoing” exploit and that threat actors are moving toward “more focused post-exploit persistence mechanisms.” He said he is seeing early signs of a shift.

“We're already seeing attackers deploying Cobalt Strike beacons and installing the ScreenConnect client on the affected servers themselves,” Hammond said, adding that security researchers can use them for testing or for malicious purposes. He mentioned Cobalt Strike, a popular exploit framework that some hackers use to gain access. network. “We can expect to see more of these compromises in the near future.”

Huntress CEO Kyle Hanslovan added that Huntress' own customer telemetry shows visibility into more than 1,600 vulnerable servers.

“You can't sugarcoat it, this is terrible. We're talking over 10,000 servers controlling hundreds of thousands of endpoints,” Hanslovan told TechCrunch, adding that ConnectWise has more than 8,800 servers controlling hundreds of thousands of endpoints. We noted that our servers remain vulnerable to exploitation.

Hanslovan added: “Due to the prevalence of this software and the access granted by this vulnerability, we are on the brink of a free ransomware attack.”

ConnectWise has released a patch for the currently exploited vulnerability and urges on-premises ScreenConnect users to apply the fix immediately. ConnectWise also released a fix for another vulnerability affecting its remote desktop software. Lee told TechCrunch that the company has seen no evidence that the flaw has been exploited.

Earlier this year, the U.S. government agencies CISA and the National Security Agency launched a “widespread cyber campaign involving the malicious use of legitimate remote monitoring and management (RMM) software” (ConnectWise SecureConnect) targeting multiple federal civilian executive branch agencies. including) was observed. agency.

The U.S. government agency has also observed hackers exploiting AnyDesk's remote access software, and AnyDesk earlier this month issued password resets and certificate revocations after discovering evidence that its production systems had been compromised. It was forced.

In response to a TechCrunch inquiry, Eric Goldstein, CISA Executive Assistant Director for Cybersecurity, said: “CISA is aware of reported vulnerabilities affecting ConnectWise ScreenConnect and is working to understand potential exploits in order to provide the necessary guidance and assistance.”


Are you affected by the ConnectWise vulnerability? You can contact Carly Page securely via Signal (+441536 853968) or email. carly.page@techcrunch.com. You can also contact TechCrunch. secure drop.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

US government overthrows North Korea's major “workers” management

June 30, 2025

Mexican drug cartel hackers spy on FBI officials' phones to track and kill informants, the report says

June 30, 2025

FBI, cybersecurity firms say prolific hacking crews are currently targeting airlines and transportation sectors

June 28, 2025

Prolific cybercrime gangs currently targeting the airline and transportation sector

June 27, 2025

US and French authorities confirm arrest of a violation form hacker

June 26, 2025

Homeland Security warns about Iran-backed cyberattacks targeting US networks

June 26, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

Instagram lets you share Spotify songs with your story to your sound

June 30, 2025

At every stage of TechCrunch, Charles Hudson tells us what investors really see

June 30, 2025

Baidu’s AI Breakthrough Hasn’t Been Priced In — Why BIDU Could Hit $120 Soon

June 30, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.