Why ransomware gangs love using RMM tools—and how to stop them | allinfosecnews.com

Feb. 22, 2024, 4:25 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

One of the most alarming trends our ThreatDown Intelligence team has noticed lately is the increased exploitation of legitimate Remote Monitoring and Management (RMM) tools by ransomware gangs in their attacks.

RMM software, such as AnyDesk, Atera, and Splashtop, are essential for IT administrators to remotely access and manage devices within their networks. Unfortunately, ransomware gangs can also exploit these tools to penetrate company networks and exfiltrate data, effectively allowing them to “live off the land”.

In this post, we …

access administrators anydesk atera attacks exploitation gangs intelligence it administrators love manage management monitoring ransomware ransomware gangs remote monitoring remote monitoring and management rmm rmm software software splashtop team threatdown tools trends

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Wireshark 4.2.5 Released, (Sat, May 18th) 16 hours ago | malware.news

article bugs center cve +13

The who, where, and how of APT attacks – Week in security with Tony Anscombe 1 day, 3 hours ago | malware.news

apt article attacks campaigns +11

Leveling the cybersecurity playing field 1 day, 7 hours ago | malware.news

article blumira cybersecurity entry +4

Hardware cybersecurity leader, Flexxon, introduces Server Defender 1 day, 7 hours ago | malware.news

advanced article cybersecurity defender +8

Automated pentesting in the cloud 1 day, 7 hours ago | malware.news

article automated challenge cloud +10

How to revamp your cybersecurity in the middle of the chaos 1 day, 7 hours ago | malware.news

article attackers chaos cybersecurity +8

6K-plus AI models may be affected by critical RCE vulnerability 1 day, 9 hours ago | malware.news

ai models article attacks critical +14

Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 1 day, 10 hours ago | malware.news

article attacks link media +6

Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 1 day, 12 hours ago | malware.news

amp article cisa deepfakes +8

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Senior - Penetration Tester

@ Deloitte | Madrid, España

View on infosec-jobs.com

Associate Cyber Incident Responder

@ Highmark Health | PA, Working at Home - Pennsylvania

View on infosec-jobs.com

Senior Insider Threat Analyst

@ IT Concepts Inc. | Woodlawn, Maryland, United States

View on infosec-jobs.com