Outage in Ambra

SimpleHelp Security Vulnerability

Minor
January 22, 2025 - Started 23 days ago
Official incident page

Need to monitor Ambra outages?
Stay on top of outages with IsDown. Monitor the official status pages of all your vendors, SaaS, and tools, including Ambra, and never miss an outage again.
Start Free Trial

Outage Details

We would like to inform you of a recently discovered security vulnerability in SimpleHelp (version 5.5.7 and earlier), a remote support and desktop management software used to support many InteleShare clients. More information about the vulnerability can be found here: https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier We highly recommend that you share the information posted in the following knowledge article with your security team. https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032213
Components affected
Ambra Web Services
Latest Updates ( sorted recent to last )
IDENTIFIED 8 days ago - at 02/05/2025 07:48PM

As of February 4, the investigation, which is being conducted with the assistance of outside forensics experts, is beginning to reach its conclusion. Our investigation to date has identified no evidence of data access or exfiltration within the Intelerad corporate network, and our third-party experts have confirmed that the incident is contained. While we do not anticipate any substantive updates before the close of the investigation, we are continuing to support individual clients who have specific questions or concerns. Once our investigation has reached a close, we will provide a final update. If you have further questions, please reach out to our support team.

IDENTIFIED 15 days ago - at 01/29/2025 07:14PM

We have deployed additional security monitoring of our client’s InteleShare environments. If we detect any activity in your environment related to the SimpleHelp vulnerability that we believe is a potential indicator of compromise, we will contact you immediately.

If your team detects a compromise, please notify Intelerad Support immediately through the Intelerad Service Portal.
Additionally, we will not be using SimpleHelp in conjunction with any of our Intelerad products going forward.

Please view these articles for additional information:
SimpleHelp Security Vulnerability - Config File Verification - https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032228

SimpleHelp Security Vulnerability IOC & FAQ- https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032213

IDENTIFIED 20 days ago - at 01/24/2025 08:35PM

Please note we have updated the list of Indicators of Compromise (IOC). Should you notice any IOC present on your systems our recommendation is to consult with your Security Team immediately regarding device isolation. You can also open a case in the Intelerad Service Portal and we're happy to support you as best we can.

Link to IOCs: https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032213

IDENTIFIED 22 days ago - at 01/22/2025 05:14PM

The Intelerad team is continuing to analyze the situation. Please make sure you are monitoring for the Indicators of Compromise (IOCs) already provided. Please note we have updated the list and removed a false positive from the list (vmtoolsd.exe). Should you notice any IOCs present on your systems our recommendation is to consult with your Security Team immediately regarding device isolation. You can also open a case in the Intelerad Service Portal and we're happy to support you as best we can.

Link to IOCs: https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032213

INVESTIGATING 22 days ago - at 01/22/2025 02:45PM

We are continuing to investigate this issue.

INVESTIGATING 23 days ago - at 01/22/2025 02:01AM

We are continuing to investigate this issue.

INVESTIGATING 23 days ago - at 01/22/2025 01:47AM

We are continuing to investigate this issue.

INVESTIGATING 23 days ago - at 01/22/2025 01:45AM

We would like to inform you of a recently discovered security vulnerability in SimpleHelp (version 5.5.7 and earlier), a remote support and desktop management software used to support many InteleShare clients.

More information about the vulnerability can be found here: https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier

We highly recommend that you share the information posted in the following knowledge article with your security team.
https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032213

Latest Ambra outages

InteleShare Incident - 30 days ago
InteleShare Incident - about 2 months ago
InteleShare Incident - 2 months ago

Stop chasing third-party outages across multiple status pages

With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.

Start free trial

No credit card required · Cancel anytime · 3732 services available

Integrations with Slack Microsoft Teams Google Chat Datadog PagerDuty Zapier Discord Webhook