Just days after it was announced that the UK’s National Crime Agency (NCA), the FBI, and Europol had taken down the Russian LockBit ransomware gang’s website, it’s been reported that LockBit ransomware is still being deployed via flaws in a popular remote access tool.
Researchers at cybersecurity companies Huntress and Sophos have highlighted how two bugs in the ConnectWise ScreenConnect remote access IT support tool, usually used by IT technicians, are being exploited to launch LockBit attacks.
ConnectWise has issued an alert urging IT administrators to take quick action to patch the two critical vulnerabilities. Details are available here.