Attackers hit MSP, use its RMM software to deliver ransomware to clients

A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium confidence the threat actor exploited a chain of vulnerabilities that were released in January 2025,” the company’s incident responders shared on Tuesday. The vulnerabilities in question are CVE-2024-57727, CVE-2024-57728 and CVE-2024-57726, which can be used to compromise SimpleHelp … More → The post Attackers hit MSP, use its RMM software to deliver ransomware to clients appeared first on Help Net Security.
http://news.poseidon-us.com/TL21W2

Attackers hit MSP, use its RMM software to deliver ransomware to clients

Like this:

Related

More Posts

VA lifts hiring freeze for 100 more roles, including Veterans Crisis Line support jobs

VA lifts hiring freeze for 100 more roles, including Veterans Crisis Line support jobs

The Trump administration may be taking a hatchet to the Hatch Act

The Army’s Unified Network Plan 2.0: A shift toward data-centric security and open standards

The Army’s Unified Network Plan 2.0: A shift toward data-centric security and open standards

The Army’s Unified Network Plan 2.0: A shift toward data-centric security and open standards

Lawmakers question administration’s push to pay political appointees more

Microsoft unveils “centralized” software update tool for Windows

What whistleblowers should consider before filing a report

The federal government can still compete for top tech graduates

Share this:

Like this:

Related

More Posts