Free Video Downloader

Fast and free all in one video downloader

For Example: https://www.youtube.com/watch?v=OLCJYT5y8Bo

1

Copy shareable video URL

2

Paste it into the field

3

Click to download button


Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack
February 28, 2024

Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack

Reading Time: 2 minutes

Security researchers say a pair of easy-to-exploit flaws in a popular remote-access tool used by more than a million companies around the world are now being mass exploited, with hackers abusing the vulnerabilities to deploy ransomware and steal sensitive data.

Cybersecurity giant Mandiant said in a post on Friday that it has ‘identified mass exploitation’ of the two flaws in ConnectWise ScreenConnect, a popular remote access tool that allows IT and technicians to remotely provide technical support directly on customer systems over the internet.

The two vulnerabilities comprise CVE-2024-1709, an authentication bypass vulnerability that researchers deemed ’embarrassingly easy’ for attackers to exploit, and CVE-2024-1708, a path-traversal vulnerability that allows hackers to remotely plant malicious code, such as malware, on vulnerable ConnectWise customer instances.

ConnectWise first disclosed the flaws on February 19 and urged on-premise customers to install security patches immediately. However, thousands of servers remain vulnerable, according to data from the Shadowserver Foundation, and each of these servers can manage up to 150,000 customer devices.

Mandiant said it had identified ‘various threat actors’ exploiting the two flaws and warned that ‘many of them will deploy ransomware and conduct multifaceted extortion,’ but did not attribute the attacks to specific threat groups.

Finnish cybersecurity firm WithSecure said in a blog post Monday that its researchers have also observed ‘en-mass exploitation’ of the ScreenConnect flaws from multiple threat actors. WithSecure said these hackers are exploiting the vulnerabilities to deploy password stealers, back doors, and in some cases ransomware.

WithSecure said it also observed hackers exploiting the flaws to deploy a Windows variant of the KrustyLoader back door on unpatched ScreenConnect systems, the same kind of back door planted by hackers recently exploiting vulnerabilities in Ivanti’s corporate VPN software. WithSecure said it could not yet attribute the activity to a particular threat group, though others have linked the past activity to a China-backed hacking group focused on espionage.

Security researchers at Sophos and Huntress both said last week that they had observed the LockBit ransomware gang launching attacks that exploit the ConnectWise vulnerabilities — just days after an international law enforcement operation claimed to disrupt the notorious Russia-linked cybercrime gang’s operations.

Huntress said in its analysis that it has since observed a ‘number of adversaries’ leverage exploits to deploy ransomware, and a ‘significant number’ of adversaries using exploits deploy cryptocurrency mining software, install additional ‘legitimate’ remote access tools to maintain persistent access to a victim’s network, and create new users on compromised machines.


Reference: https://techcrunch.com/2024/02/26/researchers-say-easy-to-exploit-security-bugs-in-connectwise-remote-access-software-now-under-mass-attack/

Ref: techcrunch

MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG

Leave a Reply

Your email address will not be published. Required fields are marked *