Huntress – Page 2 – WindowsTechs.com

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)

Posted on February 22, 2024 by Zeljka Zorz

The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a newe… Continue reading Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)→

Key cybersecurity skills gap statistics you should be aware of

Posted on January 2, 2024 by Help Net Security

As the sophistication and frequency of cyber threats continue to escalate, the demand for skilled cybersecurity professionals has never been bigger. The skills gap is not merely a statistical discrepancy; it represents a substantial vulnerability in th… Continue reading Key cybersecurity skills gap statistics you should be aware of→

SMBs face surge in “malware free” attacks

Posted on November 28, 2023 by Helga Labus

“Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses (SMBs) faced in Q3 2023, says the inaugural SMB Threat Repor… Continue reading SMBs face surge in “malware free” attacks→

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

Posted on June 13, 2023 by Zeljka Zorz

As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data. C… Continue reading PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)→

It’s time to patch your MOVEit Transfer solution again!

Posted on June 12, 2023 by Zeljka Zorz

Progress Software customers who use the MOVEit Transfer managed file transfer solution might not want to hear it, but they should quickly patch their on-prem installations again: With the help of researchers from Huntress, the company has uncovered add… Continue reading It’s time to patch your MOVEit Transfer solution again!→

Cl0p announces rules for extortion negotiation after MOVEit hack

Posted on June 8, 2023 by Zeljka Zorz

The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 to get in contact with them – or they will post their name on their dedi… Continue reading Cl0p announces rules for extortion negotiation after MOVEit hack→

MOVEit Transfer zero-day attacks: The latest info

Posted on June 2, 2023 by Zeljka Zorz

There’s new information about the zero-day vulnerability in Progress Software’s MOVEit Transfer solution exploited by attackers and – more importantly – patches and helpful instructions for customers. The MOVEit Transfer zero-day and … Continue reading MOVEit Transfer zero-day attacks: The latest info→

PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)

Posted on April 25, 2023 by Zeljka Zorz

An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application servers, and now there’s a public PoC exploit. About the vulnerability Ac… Continue reading PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)→

Most mid-sized businesses lack cybersecurity experts, incident response plans

Posted on March 20, 2023 by Help Net Security

99% of all businesses across the United States and Canada are mid-sized businesses facing cybersecurity challenges, according to a Huntress report. Aimed to gain insights into organizational structure, resources and cybersecurity strategies, the result… Continue reading Most mid-sized businesses lack cybersecurity experts, incident response plans→

ConnectWise backup solutions open to RCE, patch ASAP!

Posted on October 31, 2022 by Zeljka Zorz

ConnectWise has fixed a critical vulnerability in ConnectWise Recover and R1Soft Server Backup Manager that could allow attackers to achieve remote code exection (RCE) or access confidential data. The company advises users to patch as soon as possible,… Continue reading ConnectWise backup solutions open to RCE, patch ASAP!→