Remote work Infographic

Deep Dive – ScreenConnect: Authentication Bypass (CVE-2024-1709)

Your cybersecurity experts

Lieuwe Jan Koning

Co-Founder and CTO ON2IT Group

Luca Cipriano

Threat Intel Specialist ON2IT

Rob Maas

Field CTO ON2IT

ScreenConnect: Authentication Bypass (CVE-2024-1709)

In this episode of Threat Talks, the focus is on the exploitation of ScreenConnect vulnerabilities (CVE-2024-1709) in healthcare breaches, particularly the Change Healthcare attack, which was actually caused by compromised Citrix credentials.

This incident led to a $22 million ransom demand and three weeks of downtime, showcasing the devastating impact ransomware can have on organizations.

Why are network segmentation, endpoint detection and response (EDR) tools, and virtual patching critical in preventing such attacks? Implementing these measures can effectively stop lateral movement and enhance overall cybersecurity defenses. By deploying firewalls with advanced policies and utilizing virtual patching, organizations can significantly bolster their protection against persistent threats.

Our host Lieuwe Jan Koning and our experts Luca Cipriano and Rob Maas provide insights into how ScreenConnect vulnerabilities were exploited and how ransomware spread.

Download the infographic for the complete overview

Episode details:

How has the exploitation of ScreenConnect vulnerabilities (CVE-2024-1709) played a role in healthcare breaches? Let’s discuss as we delve into the Change Healthcare attack, which was initiated through compromised Citrix credentials.

How did the attackers manage to execute such a disruptive and costly breach, ultimately demanding a $22 million ransom?

This deep dive also highlights the devastating impact of ransomware, including three weeks of downtime and the subsequent chaotic situation where multiple ransom demands were made. What are the pitfalls of paying ransom? How can organizations ensure they are paying the right party? These questions illuminate the complexities and challenges of ransomware incidents.

Our experts, Luca Cipriano and Rob Maas, emphasize the urgent need for network segmentation, endpoint detection and response (EDR) tools, and virtual patching to prevent lateral movement and strengthen cybersecurity defenses. What are the best practices to prevent future attacks? Can your organization withstand such an assault?

Discover the answers and more in this compelling Deep Dive of Threat Talks.

Make sure to follow Threat Talks on our Spotify channel and stay up to date with every cybersecurity threat.