Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Content provided by Big Pond Podcasts and MSP Radio. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Big Pond Podcasts and MSP Radio or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Similar to Business of Tech: Daily 10-Minute IT Services Insights
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
Technical interviews about software topics.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Industry expert Mikah Sargent, brings you interviews from tech journalists who make or break the top stories of the week. Get the freshest perspective and in depth insight into the fast-paced world of technology from Tech News Weekly. Records every Thursday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Every week Linus and Luke discuss the most current happenings in the technology universe.
…
continue reading
Ever wondered how automation will change the world? Maybe you puzzle over what India could do to ease traffic congestion, or how China's aircraft carriers will transform Indian Ocean geopolitics? All Things Policy, a daily podcast brought to you by the Takshashila Institution, brings you all the answers. Every weekday, our researchers break down complex economic and geopolitical ideas through the lens of current events. For everyone from the busy executive to the curious student, All Things ...
…
continue reading
The Slate Daily feed includes new episodes from more than 30 shows in the Slate Podcast Network. You'll get thought provoking analysis, storytelling, and commentary on everything from news and politics to arts, culture, technology, and entertainment. Discover new shows you never knew you were missing.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
MSPs on Alert: DragonForce Ransomware, ScreenConnect Abuse, and Microsoft’s Update Integration
Manage episode 485664359 series 2555839
Content provided by Big Pond Podcasts and MSP Radio. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Big Pond Podcasts and MSP Radio or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
DragonForce has emerged as a significant threat actor in the cybercrime landscape, targeting vulnerabilities in the SimpleHelp remote monitoring and management tool to execute sophisticated ransomware-as-a-service attacks against managed service providers (MSPs). Recent incidents have highlighted how attackers exploited known vulnerabilities, including path traversal and privilege escalation issues, to deploy DragonForce ransomware, which involved exfiltrating sensitive data and employing double extortion tactics. While some clients were protected by endpoint security measures, others suffered significant impacts, underscoring the importance of maintaining IT hygiene and patch management.
The rise of DragonForce is indicative of a broader trend where low-key remote monitoring and management vendors become high-risk entry points for cybercriminals. The evolution of DragonForce from disruptive ransomware player to a full-blown ransomware-as-a-service operator executing targeted extortion campaigns raises alarms about the security of tools widely used by small and medium-sized businesses (SMBs). This situation serves as a reminder that disclosed vulnerabilities can become weaponized if organizations fail to prioritize patching and security measures.
In another concerning development, ConnectWise's ScreenConnect has been identified as the most abused legitimate remote access tool in cyberattacks, accounting for a significant percentage of active threat reports. Cybercriminals are hijacking these tools, typically used by IT professionals, to infiltrate systems and deliver malicious software. The increasing popularity of ScreenConnect has raised vendor trust concerns among IT service providers, prompting discussions about the implications of using such tools in an environment where they can be misused, even without technical exploits.
Microsoft is also making waves in the patch management landscape by introducing a Windows Update Orchestration platform that allows app developers to integrate their update processes into the Windows 11 framework. This initiative aims to create a unified system for managing updates across devices, addressing user concerns about fragmented experiences. The implications of this change are profound, as it positions Microsoft as a central authority in the software update lifecycle, potentially reshaping how managed service providers and security teams approach patching and update management in the future.
Four things to know today
00:00 DragonForce Targets SimpleHelp Vulnerabilities in MSP-Focused Ransomware Campaign
03:30 ConnectWise ScreenConnect Now the Most Abused Remote Access Tool in 2025 Cyberattacks, Report Finds
05:56 Unified Patch Control: Microsoft’s Update Orchestration Platform Threatens RMM Value Propositions
08:55 Actionable AI: Governance Framework and MCP Protocol Deliver Real-World Benefits Amid Hype
This is the Business of Tech.
Supported by: https://syncromsp.com/
All our Sponsors: https://businessof.tech/sponsors/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com
Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
1661 episodes
Share
Manage episode 485664359 series 2555839
Content provided by Big Pond Podcasts and MSP Radio. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Big Pond Podcasts and MSP Radio or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
DragonForce has emerged as a significant threat actor in the cybercrime landscape, targeting vulnerabilities in the SimpleHelp remote monitoring and management tool to execute sophisticated ransomware-as-a-service attacks against managed service providers (MSPs). Recent incidents have highlighted how attackers exploited known vulnerabilities, including path traversal and privilege escalation issues, to deploy DragonForce ransomware, which involved exfiltrating sensitive data and employing double extortion tactics. While some clients were protected by endpoint security measures, others suffered significant impacts, underscoring the importance of maintaining IT hygiene and patch management.
The rise of DragonForce is indicative of a broader trend where low-key remote monitoring and management vendors become high-risk entry points for cybercriminals. The evolution of DragonForce from disruptive ransomware player to a full-blown ransomware-as-a-service operator executing targeted extortion campaigns raises alarms about the security of tools widely used by small and medium-sized businesses (SMBs). This situation serves as a reminder that disclosed vulnerabilities can become weaponized if organizations fail to prioritize patching and security measures.
In another concerning development, ConnectWise's ScreenConnect has been identified as the most abused legitimate remote access tool in cyberattacks, accounting for a significant percentage of active threat reports. Cybercriminals are hijacking these tools, typically used by IT professionals, to infiltrate systems and deliver malicious software. The increasing popularity of ScreenConnect has raised vendor trust concerns among IT service providers, prompting discussions about the implications of using such tools in an environment where they can be misused, even without technical exploits.
Microsoft is also making waves in the patch management landscape by introducing a Windows Update Orchestration platform that allows app developers to integrate their update processes into the Windows 11 framework. This initiative aims to create a unified system for managing updates across devices, addressing user concerns about fragmented experiences. The implications of this change are profound, as it positions Microsoft as a central authority in the software update lifecycle, potentially reshaping how managed service providers and security teams approach patching and update management in the future.
Four things to know today
00:00 DragonForce Targets SimpleHelp Vulnerabilities in MSP-Focused Ransomware Campaign
03:30 ConnectWise ScreenConnect Now the Most Abused Remote Access Tool in 2025 Cyberattacks, Report Finds
05:56 Unified Patch Control: Microsoft’s Update Orchestration Platform Threatens RMM Value Propositions
08:55 Actionable AI: Governance Framework and MCP Protocol Deliver Real-World Benefits Amid Hype
This is the Business of Tech.
Supported by: https://syncromsp.com/
All our Sponsors: https://businessof.tech/sponsors/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com
Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
1661 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to Business of Tech: Daily 10-Minute IT Services Insights
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
Technical interviews about software topics.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Industry expert Mikah Sargent, brings you interviews from tech journalists who make or break the top stories of the week. Get the freshest perspective and in depth insight into the fast-paced world of technology from Tech News Weekly. Records every Thursday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Every week Linus and Luke discuss the most current happenings in the technology universe.
…
continue reading
Ever wondered how automation will change the world? Maybe you puzzle over what India could do to ease traffic congestion, or how China's aircraft carriers will transform Indian Ocean geopolitics? All Things Policy, a daily podcast brought to you by the Takshashila Institution, brings you all the answers. Every weekday, our researchers break down complex economic and geopolitical ideas through the lens of current events. For everyone from the busy executive to the curious student, All Things ...
…
continue reading
The Slate Daily feed includes new episodes from more than 30 shows in the Slate Podcast Network. You'll get thought provoking analysis, storytelling, and commentary on everything from news and politics to arts, culture, technology, and entertainment. Discover new shows you never knew you were missing.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
