CSTI
    ransomwareThe Ransomware Era (2020-Present) Daily Briefing Landmark Event

    LockBit Ransomware Exploits Critical ConnectWise Vulnerabilities

    Friday, February 23, 2024

    LockBit Ransomware Exploits Critical ConnectWise Vulnerabilities

    On February 23, 2024, cybersecurity experts reported that the notorious LockBit ransomware gang is actively exploiting two critical vulnerabilities in ConnectWise, a popular remote access tool. The vulnerabilities, identified as CVE-2024-1709 (an authentication bypass) and CVE-2024-1708 (a path traversal flaw), have facilitated unauthorized access and ransomware deployment. These vulnerabilities were first disclosed following a security update released earlier this week, and several organizations have already fallen victim to these attacks.

    Organizations using ConnectWise are urged to apply the latest patches immediately to mitigate the risk of ransomware infiltration. The persistence of these attacks underscores the critical need for robust security measures and vigilant patch management in today’s cybersecurity landscape. TechCrunch

    Also In Security Today

    • Fortinet Vulnerabilities Under Attack: Critical vulnerabilities in Fortinet's FortiOS (CVE-2024-21762) are reportedly being exploited in active attacks. Organizations are advised to prioritize patching efforts to close these security gaps. Security Boulevard
    • Microsoft’s Patch Tuesday Updates: Microsoft addressed multiple vulnerabilities during February's Patch Tuesday, including two zero-day vulnerabilities that require immediate remediation by system administrators across various sectors. Security Boulevard
    • Rising Cyber Incidents in February: February has seen a marked increase in cyber incidents across multiple sectors, highlighting a concerning trend of coordinated attacks targeting well-known vulnerabilities in widely used software. CM Alliance

    Analyst's Take

    The ongoing exploitation of critical vulnerabilities emphasizes the urgent need for organizations to enhance their cybersecurity posture. With ransomware attacks on the rise, particularly from groups like LockBit, defenders must prioritize patch management and continuous monitoring for vulnerabilities in their systems. This trend of coordinated attacks signals a shift in tactics among threat actors, and organizations should reassess their incident response plans to remain resilient against these evolving threats.

    Sources

    LockBit ConnectWise CVE-2024-1709 CVE-2024-1708 ransomware cybersecurity