ConnectWise has patched a critical flaw impacting the ConnectWise Recover and R1Soft Server Backup Manager secure backup solutions, which could be exploited to facilitate remote code execution or unauthorized data access, according to BleepingComputer.
Such a flaw was also regarded by ConnectWise to be a high-priority issue, indicative of high risk of exploitation or ongoing in-the-wild abuse.
Threat actors could leverage the vulnerability to enable ransomware delivery to internet-exposed R1Soft servers, noted Huntress Labs CEO Kyle Hanslovan. Over 4,800 R1Soft servers have been discovered in a Shodan search to be connected to the internet and could be impacted by exploits.
While ConnectWise said that ConnectWise Recover SBMs impacted by the flaw have already been automatically updated, users of the R1Soft system are urged to apply the SBM v6.16.4 server backup manager upgrade through the R1Soft upgrade wiki.
Meanwhile, experts noted that ConnectWise's release of a patch at the end of the week may increase the risk of exploit development and the targeting of vulnerable instances.
Android devices on the latest version of the operating system were discovered to be impacted by a vulnerability that exposes DNS queries upon switching VPN servers despite the activation of the "Always-on VPN" functionality while blocking connections that do not have VPN, according to BleepingComputer.
BleepingComputer reports that online banking accounts across Finland were noted by the country's Transport and Communications Agency, or Traficom, to have been targeted by ongoing Android malware attacks.
BleepingComputer reports that numerous Android apps with over four billion downloads are susceptible to the novel Dirty Stream attack, which involves the exploitation of a flaw in Android's content provider system that could enable arbitrary code execution and secrets compromise.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news