Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
6 résultats taggé ScreenConnect  ✕
ConnectWise Confirms ScreenConnect Cyberattack, Says Systems Now Secure: Exclusive https://www.crn.com/news/channel-news/2025/connectwise-confirms-screenconnect-cyberattack-says-systems-now-secure-exclusive
30/05/2025 10:51:37
QRCode
archive.org
thumbnail

ConnectWise did not disclose information about when the data breach occurred, as well as the number of MSPs or end users impacted by the breach.

‘ConnectWise recently learned of suspicious activity within our environment that we believe was tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers,’ ConnectWise said in a statement.

ConnectWise has confirmed it suffered a recent cyberattack that led to unauthorized access of its ScreenConnect cloud infrastructure.

“ConnectWise recently learned of suspicious activity within our environment that we believe was tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers,” the Tampa, Fla.-based vendor said in a statement. “We have launched an investigation with one of the leading forensic experts, Mandiant. We have communicated with all affected customers and are coordinating with law enforcement. As part of our work with Mandiant, we patched ScreenConnect and implemented enhanced monitoring and hardening measures across our environment. We have not observed any further suspicious activity in any customer instances. The security of our services is paramount to us, and we are closely monitoring the situation and will share additional information as we are able.”

No further signs of malicious activity have been detected since the update was applied, a source familiar with the situation, who asked for anonymity, told CRN.

crn.com EN 2025 ConnectWise ScreenConnect Cyberattack
Beware: PayPal "New Address" feature abused to send phishing emails https://www.bleepingcomputer.com/news/security/beware-paypal-new-address-feature-abused-to-send-phishing-emails/
23/02/2025 20:57:05
QRCode
archive.org
thumbnail

An ongoing PayPal email scam exploits the platform's address settings to send fake purchase notifications, tricking users into granting remote access to scammers

bleepingcomputer EN 2025 PayPal Purchase-Confirmation Remote-Access Scam ScreenConnect
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment – The DFIR Report https://thedfirreport.com/2024/06/10/icedid-brings-screenconnect-and-csharp-streamer-to-alphv-ransomware-deployment/
11/06/2024 21:34:35
QRCode
archive.org
thumbnail

Key Takeaways In October 2023, we observed an intrusion that began with a spam campaign, distributing a forked IcedID loader. The threat actor used Impacket’s wmiexec and RDP to install Scree…

thedfirreport EN 2024 analysis IceID ScreenConnect incident ALPHV Ransomware
BlackCat Ransomware Affiliate TTPs https://www.huntress.com/blog/blackcat-ransomware-affiliate-ttps
29/02/2024 12:11:19
QRCode
archive.org
thumbnail

This blog post provides a detailed look at the TTPs of a ransomware affiliate operator. In this case, the endpoint had been moved to another infrastructure (as illustrated by various command lines, and confirmed by the partner), so while Huntress SOC analysts reported the activity to the partner, no Huntress customer was impacted by the ransomware deployment.

huntress EN 2024 BlackCat Ransomware TTPs ScreenConnect
ConnectWise ScreenConnect: Authentication Bypass Deep Dive https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
22/02/2024 08:26:47
QRCode
archive.org
thumbnail

An analysis of the recent ConnectWise ScreenConnect authentication bypass vulnerability, root cause, and indicators of compromise.

horizon3 EN 2024 ConnectWise ScreenConnect bypass vulnerability
From ScreenConnect to Hive Ransomware in 61 hours https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/
25/09/2023 08:51:07
QRCode
archive.org
thumbnail

In 2022, The DFIR Report observed an increase in the adversarial usage of Remote Management and Monitoring (RMM) tools. When compared to post-exploitation channels that heavily rely on terminals, such … Read More

thedfirreport EN 2023 ScreenConnect report Hive Ransomware
4503 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio