March 21, 2024 at 08:31AM RMM software provides IT support teams with tools to administer an entire system remotely, eliminating the need for in-person visits. It allows for remote access, automatic scanning for problems, and fixing issues without physical interaction. Leading RMM software includes NinjaOne, Syncro, Barracuda, N-able N-sight, ManageEngine RMM, and Site24x7 MSP Edition. … Read more
March 21, 2024 at 02:37AM Chinese upstarts are selling smartphone motherboards and kit for committing scams and crimes. An undercover investigation by China Central Television reveals chassis with 20 motherboards wired to a monitor, and a datacenter housing 1,000 smartphones. The phones are used for fake comments, orders, or likes, and operators charge $417-$834 for … Read more
March 11, 2024 at 06:51AM Threat actors using BianLian ransomware exploit security flaws in JetBrains TeamCity software for extortion-only attacks. The cyberattack involves exploiting TeamCity vulnerabilities to gain initial access, deploying the BianLian backdoor, and using PowerShell for remote communication. VulnCheck also detailed PoC exploits for a critical flaw in Atlassian Confluence, indicating widespread exploitation. … Read more
March 1, 2024 at 06:15AM Cybersecurity researchers have found a new Linux variant of the BIFROSE remote access trojan, using a deceptive domain mimicking VMware. The malware, active since 2004, has been linked to a state-backed group from China. The latest variant disguises as VMware and has shown increased activity since October 2023, signifying evolving … Read more
February 27, 2024 at 11:27AM Multiple threat actors are exploiting two recently resolved vulnerabilities in ConnectWise ScreenConnect. The flaws, tracked as CVE-2024-1709 and CVE-2024-1708, allow for authentication bypass and path traversal. ConnectWise has released patches and urged immediate updates to version 23.9.8. Trend Micro has observed various cybercrime groups exploiting the vulnerabilities for malware delivery … Read more
February 20, 2024 at 12:27PM ConnectWise has urgently released patches for two critical security flaws in its ScreenConnect remote desktop access product, warning of high risk of exploitation. The most severe bug allows an “authentication bypass using an alternate path or channel,” scoring 10/10 in CVSS, while a second bug, an “improper limitation of a … Read more
February 5, 2024 at 06:06PM AnyDesk Software, the German developer of remote access software, experienced a security breach. The company initiated a security audit after detecting suspicious activity and found that their production systems were compromised. AnyDesk has taken measures to secure its systems and has engaged CrowdStrike for investigation. Cybersecurity firm Resecurity reported the … Read more
February 3, 2024 at 11:21AM AnyDesk recently suffered a cyberattack, compromising production systems and stealing source code and code signing keys. Although the company assures customers that their service is now safe to use, it recommends changing passwords and updating to the latest software version. This incident is part of a series of recent high-profile … Read more
February 2, 2024 at 05:21PM Remote access solution AnyDesk suffered a cyberattack leading to data theft from its production systems. The company, with 170,000 clients including 7-Eleven and Samsung, reassures the safety of the software and has initiated security measures after revoking certificates. It urges users to update to version 8.0.8 and change passwords due … Read more
January 16, 2024 at 04:34PM Ivanti VPNs globally compromised due to two unpatched zero-day vulnerabilities, allowing attackers to gain network access. Thousands infected, primarily by group UTA0178, with no available patches until Jan. 22 and Feb. 19. Ivanti released a mitigation and Integrity Checker Tool for existing compromises. Customers advised to follow incident response playbook … Read more