Tag

Connectwise

All articles tagged with #connectwise

cybersecurity · 1 year ago

"ScreenConnect Flaws Used to Deploy ToddlerShark Malware"

North Korean threat actors have exploited vulnerabilities in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK, which overlaps with known Kimsuky malware such as BabyShark and ReconShark. The malware is designed to capture and exfiltrate sensitive information about compromised hosts and exhibits polymorphic behavior to evade detection. South Korea's National Intelligence Service has accused North Korea of compromising the servers of two domestic semiconductor manufacturers and pilfering valuable data, with the intrusions taking place in December 2023 and February 2024.

cybersecurity · 1 year ago

"Ransomware Exploits Critical ConnectWise ScreenConnect Flaws"

Sophos X-Ops is tracking a wave of vulnerability exploitation targeting unpatched ConnectWise ScreenConnect installations, with attackers deploying malware to servers and workstations. ConnectWise has released a security advisory highlighting two critical vulnerabilities, urging immediate patching to version 23.9.8. Cloud-hosted implementations have received updates, but self-hosted instances remain at risk until manually upgraded. Sophos observed active exploitation in the wild, including attacks involving LockBit ransomware and other malware. Recommendations include confirming deployment type, scanning for unpatched instances, and implementing security measures. Sophos also provides detection and protection rules, as well as incident response guidance for organizations to mitigate risks and investigate potential incidents.