Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider

Published: 12 June 2025
Categories: US-Computer Emergency Readiness Team

RSS feed source: US Computer Emergency Readiness Team

Summary

The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp RMM since January 2025.

SimpleHelp versions 5.5.7 and earlier contain several vulnerabilities, including CVE-2024-57727—a path traversal vulnerability.1 Ransomware actors likely leveraged CVE-2024-57727 to access downstream customers’ unpatched SimpleHelp RMM for disruption of services in double extortion compromises.1 

CISA added CVE-2024-57727 to its Known Exploited Vulnerabilities (KEV) Catalog on Feb. 13, 2025.

CISA urges software vendors, downstream customers, and end users to immediately implement the Mitigations listed in this advisory based on confirmed compromise or risk of compromise.

Download the PDF version of this report:

AA25-163A Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider (PDF, 420.49 KB ) Mitigations

CISA recommends organizations implement the mitigations below to respond to emerging ransomware activity exploiting SimpleHelp software. These mitigations align with the Cross-Sector Cybersecurity Performance Goals (CPGs) developed by CISA and the National Institute of Standards and Technology (NIST). The CPGs provide a minimum set of practices and protections that CISA and NIST recommend all organizations implement. CISA and

Click this link to continue reading the article on the source website.

Metrology and Calibration Services at NIST CTL: Past, Present, and Future

Published: 5 June 2025
Categories: NIST Advanced Communications

RSS feed source: US Computer Emergency Readiness Team

The National Institute of Standards and Technology (NIST), through its Communications Technology Laboratory (CTL), plays a key role in ensuring today’s technology operates safely and effectively. Accurate and reliable radio frequency (RF)

Click this link to continue reading the article on the source website.

Level 1 – Global Measles

Published: 27 May 2025
Categories: DoT, Public Health

RSS feed source: US Computer Emergency Readiness Team

Measles cases are rising in many countries around the world. All international travelers should be fully vaccinated against measles with the measles-mumps-rubella (MMR) vaccine, according to CDC’s measles vaccination recommendations for international travel. Country List : Afghanistan, Benin, Cameroon, Central African Republic, Chad, Côte d’Ivoire (Ivory Coast), Democratic Republic of the Congo, Djibouti, Ethiopia, Indonesia, Liberia, Nigeria, Pakistan, Republic of the Congo , Senegal, Somalia, Republic of South Sudan, Togo, Yemen, Kyrgyzstan, Armenia, Mauritania, Equatorial Guinea, Ghana, Kazakhstan, Burkina Faso, Türkiye (Turkey), United Arab Emirates, Burundi, Romania, Malaysia, Russia, Azerbaijan, Uzbekistan, Philippines, Austria, Belarus, Georgia, Bosnia and Herzegovina, San Marino, Guinea, Kenya, Monaco, United Kingdom, including England, Scotland, Wales, and Northern Ireland, Belgium, Ireland, Montenegro, Moldova, Serbia, Niger, Thailand, Guinea-Bissau, Libya, Mozambique, Saudi Arabia, Namibia, Sudan, Albania, Algeria, American Samoa, Andorra, Angola, Anguilla (U.K.), Antarctica, Antigua and Barbuda, Argentina, Aruba, Australia, Azores (Portugal), The

Click this link to continue reading the article on the source website.