MSPs as a threat vector
#1
Information 
Quote:
[Image: msp-as-a-threat-vector-featured.jpg]

Becoming a “link” in a supply-chain attack is an unpleasant experience for any organization — and twice as unpleasant for a managed service provider (MSP). That’s especially so if security system management is one of its services. And yet this situation is not as speculative as we would like it to be.

In fact, malefactors generally pay close attention to MSPs. Think about it: MSPs have direct access to the infrastructure of many other firms. Once you are safely inside an MSP’s network, you have unlimited opportunities for data theft or infection. This is why cybercriminals closely scrutinize MSPs’ toolkits and wait for one to commit an error. A little while back, some of those cybercriminals got what they wanted: Unauthenticated attackers took advantage of an MSP’s software vulnerability to install cryptomalware payload.

What kind of vulnerability?

The vulnerability resided in ConnectWise’s ManagedITSync plug-in for cross-integration between the professional services automation platform ConnectWise Manage and the Kaseya VSA remote monitoring and management system.

The vulnerability allows remote modification of the Kaseya VSA database. This, in turn, enables attackers to add new users with any access rights whatsoever and create any tasks — such as uploading malware to all of the MSPs’ clients’ computers.

This is not a new vulnerability. It was discovered back in 2017. As soon as it was, ConnectWise updated its plug-in and seemed to have neutralized the threat. But, as usual, not all users installed the update. 
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • silversurfer
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes
26.7.2 Added supp...Kool — 03:40
WhatsApp Launches New Username Feature ...
WhatsApp Opens Usern...harlan4096 — 17:12
AnyDesk 9.7.9 for Windows
Version 9.7.9 for ...harlan4096 — 15:57
uBOLite 2026.705.2152 (already available...
uBOLite 2026.705.2...harlan4096 — 10:23
Microsoft Warns Windows 11 Enterprise De...
Microsoft has issu...harlan4096 — 10:22

[-]
Birthdays
Today's Birthdays
avatar (56)Step 1
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (40)ywixazok
avatar (38)ixoqe
avatar (36)pa.OpenTran

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>