all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

XSS Vulnerability Found in ConnectWise Remote Access Platform With Great Potential For Misuse by…

Add to bookmarks
Nov. 23, 2022, 1:55 p.m. | Guardio

Stories by Guardio on Medium medium.com

XSS Vulnerability Found in ConnectWise Remote Access Platform With Great Potential For Misuse by Scammers

By Nati Tal (Guardio Labs)

TL;DR

Following our analysis of Remote Access Tool (RAT) abuse, we turned to analyze the misuse of one of the most powerful platforms in that market — ConnectWise. During the analysis a vulnerability in the hosted platform was found, one that can be exploited by scammers to take control of this powerful tool with no limitations — …

access connectwise cybersecurity great platform remote access safe browsing scambaiting vulnerability xss xss-vulnerability

Visit resource

More from medium.com / Stories by Guardio on Medium

“CVE-2024-21388”- Microsoft Edge’s Marketing API Exploited for Covert Extension Installation 4 weeks ago | medium.com
browser extension browsers cybersecurity exploitation +1
“SubdoMailing” — Thousands of Hijacked Major-Brand Subdomains Found Bombarding Users With Millions… 1 month, 4 weeks ago | medium.com
brand campaign cbs cornell +22
“Scammers Paradise” —Exploring Telegram’s Dark Markets, Breeding Ground for Modern Phishing… 2 months, 3 weeks ago | medium.com
cybersecurity dark dark web ecosystem +14
“MyFlaw” — Cross Platform 0-Day RCE Vulnerability Discovered in Opera’s Browsers 3 months, 1 week ago | medium.com
browsers disclosure exploitation opera +1
“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts 6 months, 1 week ago | medium.com
blockchain cybersecurity malware wordpress
“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business… 7 months, 2 weeks ago | medium.com
cybersecurity facebook malware messenger +1
“PhishForce” — Vulnerability Uncovered in Salesforce’s Email Services Exploited for Phishing… 8 months, 3 weeks ago | medium.com
cybersecurity email phishing salesforce +1
“Malverposting” — With Over 500K Estimated Infections, Facebook Ads Fuel This Evolving Stealer… 11 months, 4 weeks ago | medium.com
ads cybersecurity facebook facebook ads +6
“FakeGPT” #2: Open-Source Turned Malicious in Another Variant of the Facebook Account-Stealer… 1 year, 1 month ago | medium.com
account browser security chatgpt chrome extension +4

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Systems Security Officer (ISSO) (Remote within HR Virginia area)

@ OneZero Solutions | Portsmouth, VA, USA
View on infosec-jobs.com

Security Analyst

@ UNDP | Tripoli (LBY), Libya
View on infosec-jobs.com

Senior Incident Response Consultant

@ Google | United Kingdom
View on infosec-jobs.com

Product Manager II, Threat Intelligence, Google Cloud

@ Google | Austin, TX, USA; Reston, VA, USA
View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India
View on infosec-jobs.com
View more jobs