10:34 5/28/2025 corrected a paragraph that indicated we talked about this last week. We may have in passing, but it is scheduled to be talked about in this upcoming podcast.
In this field, an MSP is known as a managed service provider. The name of this MSP was not named, but whoever it was should be ashamed of itself for not updating software.
The actors got in through several CVE vulnerabilities that were not patched and those numbers are in the article.
Dragon Force will be talked about this week, and we also talked about it last week as part of topics coming.
This is now something we need to be aware of, and its getting dangerous.
One of the clients was running Sophos antivirus while the other client was not.
This is why it is so crucial to run something, even Windows Defender. While I don’t run defender, it could have prevented this, but I can’t say for sure.
The software being used is called Simple Help and Bleeping talks about this in this article.
I think we covered this well when we did. DragonForce ransomware abuses SimpleHelp in MSP supply chain attack will be your read for this one.
If this can happen to an MSP, this can happen to anyone. Stay as protected as you can, these guys are no joke. Lots of linked content too.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.