Huntress report identifies new campaign abusing ScreenConnect and other tools

Hackers are abusing legitimate remote management tools to crack open businesses and steal data.
Microsoft

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities

Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with ...
TechRepublic

New Vulnerabilities in ConnectWise ScreenConnect Massively Exploited by Attackers

One vulnerability impacting ConnectWise ScreenConnect that allows remote attackers to bypass authentication to create admin accounts is being used in the wild. Two new vulnerabilities impact ...
CRN

CISA: Update ConnectWise ScreenConnect Servers Or Take Offline As Ransomware Is Deployed

‘It's odd because now our work has shifted to not getting ahead of the vulnerability and understanding it and sharing the intel, it's watching the internet burn and trying to respond and remediate the ...
Bleeping Computer

ScreenConnect flaws exploited to drop new ToddlerShark malware

The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddlerShark. Kimsuky ...
Infosecurity-magazine.com

Hackers Target ScreenConnect Features For Network Intrusions

A rise in cyber-attacks exploiting remote monitoring and management (RMM) tools for initial access via phishing has been observed by cybersecurity researchers. According to the new findings from the ...
Dark Reading

Critical ConnectWise RMM Bug Poised for Exploitation Avalanche

Users of the ConnectWise ScreenConnect remote desktop management tool are under active cyberattack, after a proof-of-concept (PoC) exploit surfaced for a max-critical security vulnerability in the ...
Hosted on MSN

Weaponized JPEG campaign deploys ScreenConnect malware, experts warn

New attack method: Hackers are disguising malware in JPEG files to infiltrate enterprise systems and deploy trojanized ScreenConnect software. Advanced intrusion tools: The malware supports encrypted ...
CRN

ConnectWise ScreenConnect Vulnerability Seeing Exploits: CISA

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is seeing active exploits related to the ConnectWise ScreenConnect vulnerability that was reported earlier last week. Vulnerabilities ...
Bleeping Computer

ConnectWise urges ScreenConnect admins to patch critical RCE flaw

ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution (RCE) attacks. This security bug is due to an ...
Infosecurity-magazine.com

Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited

IT admins have been urged to patch any on-premises ScreenConnect servers immediately, after reports that a recently published maximum severity vulnerability is being exploited in the wild.
CSOonline

Critical ConnectWise ScreenConnect flaw exploited in the wild: Update

A critical vulnerability patched this week in the ConnectWise ScreenConnect remote desktop software is already being exploited in the wild. Researchers warn that it’s trivial to exploit the flaw, ...