Sophos researchers discovered a cyberattack in which DragonForce ransomware exploited three vulnerabilities in SimpleHelp to breach a managed service provider (MSP) and its customers.
The vulnerabilities (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) allowed unauthorized access, arbitrary file downloads and uploads, and privilege escalation.
Arctic Wolf observed a targeted campaign exploiting these vulnerabilities shortly after their disclosure, potentially compromising devices using SimpleHelp client software.
Sophos found that the attackers used a legitimate SimpleHelp instance to deploy malicious software, compromising multiple customers; some of them were successfully defended by Sophos MDR and XDR services.