Techly NewsGet the app

Get the latest tech news

Hackers actively targeting severe authentication bypass flaw in ConnectWise software


ConnectWise ScreenConnect is being actively exploited by hackers, allowing unauthorized access and potential data theft.

According to TechCrunch, this flaw, with the highest severity rating, poses a significant risk as it allows for an authentication bypass that could enable attackers to remotely access and steal sensitive data or deploy malware on affected systems. Huntress, a cybersecurity firm, published an analysis indicating ongoing exploitation of this flaw, with adversaries deploying Cobalt Strike beacons and even installing ScreenConnect clients on compromised servers. Huntress CEO Kyle Hanslovan highlighted the severity of the situation, estimating that thousands of servers controlling numerous endpoints remain vulnerable, potentially leading to a surge in ransomware attacks.

Get the Android app

Or read this on ReadWrite

Read more on:

Photo of Hackers

Hackers

Photo of ConnectWise

ConnectWise

Photo of ConnectWise software

ConnectWise software

Related news:

News photo

Hackers abuse Google Cloud Run in massive banking trojan campaign

News photo

Researchers warn high-risk ConnectWise flaw under attack is ’embarrassingly easy’ to exploit

News photo

ConnectWise urges ScreenConnect admins to patch critical RCE flaw

« Gadget-Bot takes Kaidro anime RPG to Ronin blockchain
Apple to launch PQ3 update for iMessage, bolstering encryption against quantum computing »