easytoexploit

Experts Warn: ConnectWise Software Vulnerabilities Being Exploited in Large-Scale Cyber Attacks

Yellow Padlock Cyber Rating Getty
Security researchers say a pair of easy-to-exploit flaws in a popular remote access tool used by more than a million companies around the world are now being mass-exploited, with hackers abusing the vulnerabilities to deploy ransomware and steal sensitive data. ConnectWise first disclosed the flaws on February 19 and urged on-premise customers to install security patches immediately. Finnish cybersecurity firm WithSecure said in a blog post Monday that its researchers have also observed “en-mass exploitation” of the ScreenConnect flaws from multiple threat actors. It’s not yet known how many ConnectWise ScreenConnect customers or end users are affected by these vulnerabilities, and ConnectWise spokespeople did not respond to TechCrunch’s questions. The company’s website claims that the organization provides its remote access technology to more than a million small to medium-sized businesses that manage over 13 million devices.