MSPs on Alert: DragonForce Ransomware, ScreenConnect Abuse, and Microsoft’s Update Integration
DragonForce has emerged as a significant threat actor in the cybercrime landscape, targeting vulnerabilities in the SimpleHelp remote monitoring and management tool to execute sophisticated ransomware-as-a-service attacks against managed service providers (MSPs). Recent incidents have highlighted how attackers exploited known vulnerabilities, including path traversal and privilege escalation issues, to deploy DragonForce ransomware, which involved exfiltrating sensitive data and employing double extortion tactics. While some clients were protected by endpoint security measures, others suffered significant impacts, underscoring the importance of maintaining IT hygiene and patch management.
The rise of DragonForce is indicative of a broader trend where low-key remote monitoring and management vendors become high-risk entry points for cybercriminals. The evolution of DragonForce from disruptive ransomware player to a full-blown ransomware-as-a-service operator executing targeted extortion campaigns raises alarms about the security of tools widely used by small and medium-sized businesses (SMBs). This situation serves as a reminder that disclosed vulnerabilities can become weaponized if organizations fail to prioritize patching and security measures.
In another concerning development, ConnectWise's ScreenConnect has been identified as the most abused legitimate remote access tool in cyberattacks, accounting for a significant percentage of active threat reports. Cybercriminals are hijacking these tools, typically used by IT professionals, to infiltrate systems and deliver malicious software. The increasing popularity of ScreenConnect has raised vendor trust concerns among IT service providers, prompting discussions about the implications of using such tools in an environment where they can be misused, even without technical exploits.
Microsoft is also making waves in the patch management landscape by introducing a Windows Update Orchestration platform that allows app developers to integrate their update processes into the Windows 11 framework. This initiative aims to create a unified system for managing updates across devices, addressing user concerns about fragmented experiences. The implications of this change are profound, as it positions Microsoft as a central authority in the software update lifecycle, potentially reshaping how managed service providers and security teams approach patching and update management in the future.
Four things to know today
00:00 DragonForce Targets SimpleHelp Vulnerabilities in MSP-Focused Ransomware Campaign
03:30 ConnectWise ScreenConnect Now the Most Abused Remote Access Tool in 2025 Cyberattacks, Report Finds
05:56 Unified Patch Control: Microsoft’s Update Orchestration Platform Threatens RMM Value Propositions
08:55 Actionable AI: Governance Framework and MCP Protocol Deliver Real-World Benefits Amid Hype
This is the Business of Tech.
Supported by: https://syncromsp.com/
All our Sponsors: https://businessof.tech/sponsors/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Looking for a link from the stories? The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com
Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/