Sophos spots DragonForce ransomware attack leveraging three bugs The flaws were found in SimpleHelp SMM platform The victim was a major managed service provider (MSP) The DragonForce ransomware group is chaining multiple SimpleHelp vulnerabilities to breach systems, steal sensitive files, and deploy an encryptor, experts have warned. In a blog post, Sophos MDR researchers noted...Read More
Instead of attacking private firms, the group behind the ransomware campaign targeted cities, hospitals and charities, demanding Bitcoin and threatening to leak stolen data. An Iranian man has pleaded guilty to charges stemming from a ransomware campaign that disrupted public services across several US cities, including a major 2019 attack in Baltimore. The US Department...Read More
Your browser is not supported | usatoday.com usatoday.com wants to ensure the best experience for all of our readers, so we built our site to take advantage of the latest technology, making it faster and easier to use. Unfortunately, your browser is not supported. Please download one of these browsers for the best experience on...Read More
WILMINGTON, N.C. (AP) — An Iranian national pleaded guilty on Tuesday in North Carolina federal court for his role in a ransomware and extortion operation that prosecutors say targeted computer networks for Baltimore and other U.S. cities, a scheme that led to work disruptions and financial losses. Sina Gholinejad, 37, pleaded guilty to one count...Read More
Exclusive: Qld law firm investigating breach by SafePay ransomware Threat actors have claimed a cyber attack on a Queensland law firm, claiming to have exfiltrated company data, court documents and more. SafePay ransomware listed Ruddy Tomlins and Baxter (RTB Legal) on its dark web leak site, allegedly having stolen 200 gigabytes of data. Established in...Read More
The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on downstream customers’ systems. Sophos was brought in to investigate the attack and believe the threat actors exploited a chain of older SimpleHelp vulnerabilities tracked as CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726 to...Read More
Some people notified by Nova Scotia Power that their information was stolen in a cyber breach are becoming frustrated trying to navigate the situation, saying it’s difficult to get through to their banks and the credit monitoring system that’s been recommended. Nova Scotia Power announced the security breach in late April and confirmed last week it was...Read More