Author: WeWorldMedia-admin

Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider

Published: 12 June 2025
Categories: US-Computer Emergency Readiness Team

RSS feed source: US Computer Emergency Readiness Team

Summary

The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp RMM since January 2025.

SimpleHelp versions 5.5.7 and earlier contain several vulnerabilities, including CVE-2024-57727—a path traversal vulnerability.1 Ransomware actors likely leveraged CVE-2024-57727 to access downstream customers’ unpatched SimpleHelp RMM for disruption of services in double extortion compromises.1 

CISA added CVE-2024-57727 to its Known Exploited Vulnerabilities (KEV) Catalog on Feb. 13, 2025.

CISA urges software vendors, downstream customers, and end users to immediately implement the Mitigations listed in this advisory based on confirmed compromise or risk of compromise.

Download the PDF version of this report:

AA25-163A Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider (PDF, 420.49 KB ) Mitigations

CISA recommends organizations implement the mitigations below to respond to emerging ransomware activity exploiting SimpleHelp software. These mitigations align with the Cross-Sector Cybersecurity Performance Goals (CPGs) developed by CISA and the National Institute of Standards and Technology (NIST). The CPGs provide a minimum set of practices and protections that CISA and NIST recommend all organizations implement. CISA and

Click this link to continue reading the article on the source website.

Metrology and Calibration Services at NIST CTL: Past, Present, and Future

Published: 5 June 2025
Categories: NIST Advanced Communications

RSS feed source: US Computer Emergency Readiness Team

The National Institute of Standards and Technology (NIST), through its Communications Technology Laboratory (CTL), plays a key role in ensuring today’s technology operates safely and effectively. Accurate and reliable radio frequency (RF)

Click this link to continue reading the article on the source website.

Verticals-enabling Intelligent Network Systems (VINES)

Published: 20 May 2025
Categories: NSF Pgm Announcements

RSS feed source: US Computer Emergency Readiness Team

Full Proposal Deadline(s) (due by 5 p.m. submitting organization’s local time):

August 25, 2025

Track 1

September 25, 2025

Track 2 (Submission of a Concept Outline by August 25th is required. See full text for additional information)

IMPORTANT INFORMATION AND REVISION NOTES

A Concept Outline (CO) is required for Track 2 only. PIs interested in responding to Track 2 of this solicitation must submit a Concept Outline to [email protected] by August 25, 2025 prior to submission of a proposal to aid in determining the appropriateness of the scope and work for consideration under this opportunity.

Any proposal submitted in response to this solicitation should be submitted in accordance with the NSF Proposal & Award Policies & Procedures Guide (PAPPG) that is in effect for the relevant due date to which the proposal is being submitted. The NSF PAPPG is regularly

Click this link to continue reading the article on the source website.