DragonForce 勒索软件背后的威胁行为者入侵了某未具名托管服务提供商（MSP）的 SimpleHelp 远程监控与管理（RMM）工具，随后利用该工具窃取数据并在多个终端部署勒索程序。根据 Sophos 的分析，攻击者很可能利用了 2025 年 1 月披露的 SimpleHelp 三个安全漏洞（CVE-2024 ...

Ransomware actors have compromised customers of a utility software billing software provider after exploiting a vulnerability in the SimpleHelp Remote Monitoring and Management (RMM) tool. A new ...

Ransomware gangs have exploited a vulnerability in the SimpleHelp remote support program to breach customers of a utility billing software vendor, the Cybersecurity and Infrastructure Security Agency ...

The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on ...

The Cybersecurity and Infrastructure Security Agency (CISA) is urging SimpleHelp customers to patch a known vulnerability following a wave of ransomware attacks targeting downstream customers. The ...

The Iranian government-sponsored threat actor known as MuddyWater has been observed using the legitimate SimpleHelp remote support software tool to achieve persistence on victim devices. According to ...

Hackers are believed to be exploiting recently fixed SimpleHelp Remote Monitoring and Management (RMM) software vulnerabilities to gain initial access to target networks. The flaws, tracked as ...

The DragonForce ransomware gang attacked a managed service provider's (MSP) remote monitoring and management (RMM) tool in order to conduct a supply chain attack. This news comes from Sophos, which ...

Criminals are abusing vulnerabilities in the SimpleHelp RMM remote maintenance software to penetrate PCs and networks. IT security researchers have observed a campaign in which devices were initially ...

Groups linked with the Play ransomware have exploited more than 900 organizations, the FBI said Wednesday, and have developed a number of new techniques in their double-extortion campaigns - including ...

The US cybersecurity agency CISA has observed attacks on SimpleHelp, Samsung MagicINFO, and D-Link DIR-823X. The exploited vulnerabilities are partly a bit older.

Group-IB researchers have also identified a previously unknown command and control infrastructure and a PowerShell script that APT group MuddyWater is using for its cyberespionage and IP theft attacks ...