exploiting

Uncategorized

Security Experts Warn: ConnectWise Vulnerabilities Being Exploited by Hackers to Deploy LockBit Ransomware

Ransomware Bugs Black Samuil Levich Getty

Security experts are warning that a pair of high-risk flaws in a popular remote access tool are being exploited by hackers to deploy LockBit ransomware — days after authorities announced that they had disrupted the notorious Russia-linked cybercrime gang. In a post on Mastodon on Thursday, Sophos said that it had observed “several LockBit attacks” following exploitation of the ConnectWise vulnerabilities. “Two things of interest here: first, as noted by others, the ScreenConnect vulnerabilities are being actively exploited in the wild. Rogers said that Huntress has seen LockBit ransomware deployed on customer systems spanning a range of industries, but declined to name the customers affected. The company’s website claims that the organization provides its remote access technology to more than a million small to medium-sized businesses.

Max Chen
February 23, 2024

Security

Government-Sponsored Hackers Exploit Fresh Ivanti VPN Vulnerabilities – No Fixes Available

U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely-used corporate VPN appliance, but said that patches won’t be available until the end of the month. Ivanti said the two vulnerabilities — tracked as CVE-2023-46805 and CVE-2024-21887 — were found in its Ivanti Connect Secure software. Formerly known as Pulse Connect Secure, this is a remote access VPN solution that enables remote and mobile users to access corporate resources over the internet. When TechCrunch asked why patches weren’t being made available immediately, Ivanti declined to comment. Ivanti is urging that potentially impacted organizations prioritize following its mitigation guidance, and U.S. cybersecurity agency CISA has also published an advisory urging Ivanti Connect Secure to mitigate the two vulnerabilities immediately.

Kira Kim
January 11, 2024

exploiting

Security Experts Warn: ConnectWise Vulnerabilities Being Exploited by Hackers to Deploy LockBit Ransomware

Government-Sponsored Hackers Exploit Fresh Ivanti VPN Vulnerabilities – No Fixes Available

The Future of Babies: Wearables, Text Messages from Furry Friends, and E-Ink Automobiles

AirMyne Harnesses Geothermal Energy for Direct Air Carbon Capture Expansion

Atomos Takes Off With $16M For Tugboats in Space

Create and Explore a Saved Space with Instagrams New Bookmarking Feature

Ransomware Breach: Omni Hotels Reports Theft of Customers’ Personal Information

Security Experts Warn: ConnectWise Vulnerabilities Being Exploited by Hackers to Deploy LockBit Ransomware

Government-Sponsored Hackers Exploit Fresh Ivanti VPN Vulnerabilities – No Fixes Available

The Future of Babies: Wearables, Text Messages from Furry Friends, and E-Ink Automobiles

AirMyne Harnesses Geothermal Energy for Direct Air Carbon Capture Expansion

Atomos Takes Off With $16M For Tugboats in Space

Create and Explore a Saved Space with Instagrams New Bookmarking Feature

Ransomware Breach: Omni Hotels Reports Theft of Customers’ Personal Information

Trending now