Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs Cisco Partner Summit Digital 2020 Lenovo Tech World Newsroom Dell Technologies World Digital Experience 2020 HPE Zone Masergy Zenith Partner Program Newsroom Intel Partner Connect Digital Newsroom Dell Technologies Newsroom Fortinet Secure Network Hub IBM Newsroom Juniper Newsroom The IoT Integrator Lenovo Channel-First NetApp Data Fabric Intel Tech Provider Zone

ConnectWise Control 'Attack Chain' Exploit: 20 Questions For Security Researcher Bishop Fox

"One of our security researchers found these vulnerabilities. He deemed them severe enough to rate them as critical and the attack chain so bad that we had to report them."

1   2   3   ... 11 Next

Security consultancy Bishop Fox has discovered eight vulnerabilities in ConnectWise Control.

“One of our security researchers found these vulnerabilities. He deemed them severe enough to rate them as critical, and the attack chain so bad that we had to report them,” said Bishop Fox Associate Vice President of Consulting Daniel Wood.

ConnectWise was tied to numerous security breaches in 2019, starting with reports in April that the company’s Control product was used in the now-infamous Wipro hack. Then an MSP using ConnectWise Control had its network hacked in August, resulting in the compromise of 22 municipal web sites in cities and towns across Texas.

ConnectWise told CRN Tuesday that while it “struggled” to reproduce the flaws, it has patched 75-percent of them.

Here, Wood answers 20 questions about how Bishop Fox discovered the vulnerabilities and the response it received from ConnectWise.

 
 
1   2   3   ... 11 Next

sponsored resources