Ransomware Actors Exploit SimpleHelp RMM Vulnerabilities

Ransomware groups, including Play and DragonForce, are exploiting critical vulnerabilities in the SimpleHelp Remote Monitoring and Management tool, particularly CVE-2024-57727, to gain unauthorized access to sensitive systems, impacting US utility billing providers and managed service providers.

CISA and FBI Warn of Buffer Overflow Vulnerabilities in Software Development

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a Secure by Design Alert highlighting the significant security risks posed by buffer overflow vulnerabilities, which are frequently exploited by cyber actors, including those from China, in major software products from vendors like Microsoft, VMware, and Ivanti.