huntress

** Warning: High-Risk Exploit of ConnectWise Vulnerability Poses Harm, Researchers Claim

Connectwise Flaw Huntress Security
Researchers warn high-risk ConnectWise flaw under attack is ’embarrassingly easy’ to exploit “I can’t sugarcoat it — this shit is bad," said Huntress' CEOSecurity experts are warning that a high-risk vulnerability in a widely used remote access tool is “trivial and embarrassingly easy” to exploit, as the software’s developer confirms malicious hackers are actively exploiting the flaw. The maximum severity-rated vulnerability affects ConnectWise ScreenConnect (formerly ConnectWise Control), a popular remote access software that allows managed IT providers and technicians to provide real-time remote technical support on customer systems. Cybersecurity company Huntress on Wednesday published an analysis of the actively exploited ConnectWise vulnerability. ConnectWise also released a fix for a separate vulnerability affecting its remote desktop software. The U.S. agencies also observed hackers abusing remote access software from AnyDesk, which was earlier this month forced to reset passwords and revoke certificates after finding evidence of compromised production systems.