2024-02-23
Epic move by @ConnectWise. The new ScreenConnect patch will now upgrade you to the latest version—even if you're no longer under maintenance. 🎁 History favors the bold and I'm a big fan of this decision. Get the details and the patch here https://www.connectwise.com/ ...
TechCrunch
Researchers warn that hackers are exploiting ConnectWise's remote access tool via a flaw “embarrassingly easy” to exploit; ConnectWise has confirmed the attacks
2024-02-22
Epic move by @ConnectWise. The new ScreenConnect patch will now upgrade you to the latest version—even if you're no longer under maintenance. 🎁 History favors the bold and I'm a big fan of this decision. Get the details and the patch here https://www.connectwise.com/ ...
TechCrunch
Researchers warn that hackers are exploiting ConnectWise's remote access tool via a flaw “embarrassingly easy” to exploit; ConnectWise has confirmed the attacks
“I can't sugarcoat it — this shit is bad," said Huntress' CEO — Security experts are warning that a high-risk vulnerability …
2021-07-04
Here's a partner provided screenshot from an impacted Kaseya VSA Server. Nothing worse for threat hunters than seeing an “Archive and Purge Logs” procedure 🙄 https://twitter.com/...
BleepingComputer
REvil is pushing ransomware via an update for Kaseya's IT management software, hitting hundreds of managed service providers with thousands of customers
A massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack.
2020-12-15
The full compromised package is still being hosted online as well 😓 hxxps://downloads.solarwinds[.]com/ solarwinds/CatalogResources/Core/2019.4 / 2019.4.5220.20574/SolarWinds-Core- v2019.4.5220-Hotfix5.msp https://twitter.com/...
Reuters
SolarWinds: under 18,000 customers were compromised between March and June via an update to its Orion software, leading to DHS, Treasury, Commerce Dept. hacks
LONDON/WASHINGTON (Reuters) - U.S. IT company SolarWinds said on Monday that up to 18,000 of its customers had downloaded …
The full compromised package is still being hosted online as well 😓 hxxps://downloads.solarwinds[.]com/ solarwinds/CatalogResources/Core/2019.4 / 2019.4.5220.20574/SolarWinds-Core- v2019.4.5220-Hotfix5.msp https://twitter.com/...
Wall Street Journal
Source: Treasury's hackers used a flaw in a SolarWinds product; SolarWinds, which touts 300K+ customers, says the flaw was the result of a “supply chain attack”
and it has the Kremlin's fingerprints all over it. https://www.bloomberg.com/... Thomas Brewster / @iblametom : New - A review of contract records shows DOD, FBI, DHS, Veterans Aff...