Huntress Researcher Answers Five Questions About ConnectWise’s R1Soft Vulnerability – CRN
A security exploit in ZK, an application for Java developers, was later found to be a backdoor that would have allowed threat researchers with Huntress to install ransomware on ConnectWise R1Soft, which manages backup servers, as well as any agents those servers were connected to.
Huntress researchers John Hammond and Caleb Stewart worked on the exploit together, when it was introduced as a way to bypass authentication and login to R1Soft – with admin privileges.
“We caught wind of this and thought, ‘Wow. There’s a significant impact even in just that authentication bypass. And then the sensitive file leak and other information you might be able to retrieve, so we decided to look into it,” Hammond said. “We thought can this be weaponized further? Because a backup server, that’s potentially a crown jewel for a threat actor.”
The vulnerability was first discovered earlier this year by Markus Wulftange, a senior penetration tester with Code White, a German cybersecurity firm. It was…
The post Huntress Researcher Answers Five Questions About ConnectWise’s R1Soft Vulnerability – CRN first appeared on SEO, Marketing and Social News | OneSEOCompany.com.
source: https://news.oneseocompany.com/2022/10/31/huntress-researcher-answers-five-questions-about-connectwises-r1soft-vulnerability-crn_2022103134821.html
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.