TechRepublic

New Vulnerabilities in ConnectWise ScreenConnect Massively Exploited by Attackers

One vulnerability impacting ConnectWise ScreenConnect that allows remote attackers to bypass authentication to create admin accounts is being used in the wild. Two new vulnerabilities impact ...
CRN

Blackcat Ransomware Linked With ScreenConnect, Recent Health Care Attacks: US

The FBI, CISA and HHS said that a ScreenConnect remote access domain has commonly been utilized during a spate of recent Blackcat attacks against health care providers. A ScreenConnect remote access ...
CRN

CISA: Update ConnectWise ScreenConnect Servers Or Take Offline As Ransomware Is Deployed

‘It's odd because now our work has shifted to not getting ahead of the vulnerability and understanding it and sharing the intel, it's watching the internet burn and trying to respond and remediate the ...
Infosecurity-magazine.com

Hackers Target ScreenConnect Features For Network Intrusions

A rise in cyber-attacks exploiting remote monitoring and management (RMM) tools for initial access via phishing has been observed by cybersecurity researchers. According to the new findings from the ...
Bleeping Computer

ScreenConnect flaws exploited to drop new ToddlerShark malware

The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddlerShark. Kimsuky ...
Infosecurity-magazine.com

Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited

IT admins have been urged to patch any on-premises ScreenConnect servers immediately, after reports that a recently published maximum severity vulnerability is being exploited in the wild.
Dark Reading

Critical ConnectWise RMM Bug Poised for Exploitation Avalanche

Users of the ConnectWise ScreenConnect remote desktop management tool are under active cyberattack, after a proof-of-concept (PoC) exploit surfaced for a max-critical security vulnerability in the ...
Bleeping Computer

ConnectWise urges ScreenConnect admins to patch critical RCE flaw

ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution (RCE) attacks. This security bug is due to an ...
CSOonline

Critical ConnectWise ScreenConnect flaw exploited in the wild: Update

A critical vulnerability patched this week in the ConnectWise ScreenConnect remote desktop software is already being exploited in the wild. Researchers warn that it’s trivial to exploit the flaw, ...
Dark Reading

North Korea Hits ScreenConnect Bugs to Drop 'ToddleShark' Malware

North Korean hackers are using a critical vulnerability in ConnectWise's ScreenConnect software to spread new, shapeshifting espionage malware. Two weeks ago, ConnectWise revealed two flaws in its ...
Hosted on MSN

Weaponized JPEG campaign deploys ScreenConnect malware, experts warn

New attack method: Hackers are disguising malware in JPEG files to infiltrate enterprise systems and deploy trojanized ScreenConnect software. Advanced intrusion tools: The malware supports encrypted ...

Experts warn of 'highly sophisticated' weaponized JPEG campaign sending out ScreenConnect malware

Hackers are targeting enterprises with a jpeg file, establishing persistence and elevating privileges.