Cybercriminals are exploiting flaws in SimpleHelp Remote Monitoring and Management software to create unauthorized accounts and spread malware, including the Sliver backdoor. Despite patches being available, unpatched systems remain open to attacks. The vulnerabilities enable hackers to upgrade access to administrator levels and execute arbitrary code. To counter this threat, it is recommended that organizations use security updates, restrict access to SimpleHelp servers, monitor for indicators of compromise, and remove unused SimpleHelp clients from systems.
New Attack Abusing Kerberos Delegation in Active Directory Networks
A new attack vector exploiting vulnerabilities in Unconstrained Kerberos Delegation within Active Directory poses serious enterprise security risks. Attackers can create a “Ghost Server,” impersonate
