New Dual-Vector Campaign Uses Stolen Credentials and Legitimate RMM Software
Cybersecurity researchers have revealed details of a new dual-vector attack campaign that leverages stolen credentials to deploy legitimate Remote Monitoring and Management (RMM) software. The goal is to establish persistent remote access to the compromised hosts. According to researchers at KnowBe4 Threat Labs, instead of deploying custom viruses, attackers are bypassing security perimeters by “weaponizing” necessary IT tools that administrators rely on. By stealing a system “master key,” they turn legitimate RMM software into a persistent backdoor. ...