News, Trends, and Insights for IT & Managed Services Providers
News, Trends, and Insights for IT & Managed Services Providers
Business of Tech | ConnectWise Takes Drastic Measures Amidst ScreenConnect Security Breach

Now, some news that’s not so good.

I mentioned the ConnectWise ScreenConnect patch on Tuesday’s show.   ConnectWise has now confirmed that hackers are actively exploiting the flaw.

Let me quote from TechCrunch.  

Cybersecurity company Huntress on Wednesday published an analysis of the actively exploited ConnectWise vulnerability. Huntress security researcher John Hammond told TechCrunch that Huntress is aware of “current and active” exploitation, and is seeing early signs of threat actors moving on to “more focused post-exploitation and persistence mechanisms.”

 Huntress CEO Kyle Hanslovan added that Huntress’ own customer telemetry shows visibility into more than 1,600 vulnerable servers.

“I can’t sugarcoat it — this shit is bad. We’re talking upwards of ten thousand servers that control hundreds of thousands of endpoints,” Hanslovan told TechCrunch, noting that upwards of 8,800 ConnectWise servers remain vulnerable to exploitation.

Piotr Kijewski of the Shadowserver Foundation advises checking for signs of compromise and patching, as the majority of vulnerable ScreenConnect instances (93%) are still unpatched, and noted that there were roughly 3800 installations.  

And updated yesterday, As part of this release, ConnectWise has removed license restrictions, so partners no longer under maintenance can upgrade to the latest version of ScreenConnect.  On LinkedIn, ConnectWise CISO posted “ConnectWise has taken steps to suspend non-patched versions of ScreenConnect pending on-prem partners upgrading to the latest version.”

Why do we care?

Those stats are from Tuesday.    That’s a wide swath of customers.   This particular issue spread quite far in the news ecosystem, and I wanted to highlight that.   

ConnectWise took quite a step to suspend earlier versions.    I’m in favor of vendors taking aggressive actions on security vulnerabilities, forcing action.    This isn’t entirely altruistic – they have a responsibility for the software they create.    It can be both the right thing to do, and the only thing to do.  

Choose your upgrade:

Get the full benefits of Business of Tech Plus

Insider Access

$12/month

Perfect for MSPs and ITSPs that want full interviews, early access, and ad-free listening

  • Programmatic Ad-free private podcast feedSame show, little interruptions
  • Channel Chatter previews1–2 topics with light insights
  • Early access to interview episodesHear it days before public release
  • Monthly Insider BriefTighter analysis you can share internally
  • Extra audio segmentsCut interviews, behind-the-scenes commentary, quick competitive notes
  • Become an Insider for $12/month

    Leadership Access

    $149/month

    Perfect for MSPs and Vendors that run a team and need the extended tactics, executive summaries, and weekly alignment brief

  • All Insider Access benefits plus . . .
  • Invite your teamIncludes access for 5 team members with option to add more
  • Vendor Strategy BriefsThe entire library, plus new analysis every month
  • Channel ChatterAll topics, full insights, complete vendor discussion + sentiment list
  • Quarterly State of the Channel Briefing
  • Monthly AMA submission priorityAsk Dave direct questions, and skip the line
  • Get the Leadership Edge for $149/month

    Vendor Partner

    $500/month

    Perfect for channel companies or vendors looking to deepen their engagement with the show.

  • All Leadership Access benefits plus . . .
  • Get highlighted as a show sponsor You'll get placement in the show notes, throughout the website, and on our dedicated sponsors page.
  • Enjoy regular shout outs You'll be featured in a rotating format during the show
  • Become a show sponsor for $500/month

    Search all stories