Wednesday, October 27, 2021

Remote access tool or trojan? How to detect misbehaving RATs

Red Canary’s Cyber Incident Response Team frequently observes adversaries abusing legitimate remote access utilities for lateral movement and execution of payloads. These tools perform reliably, as you may expect with most enterprise software, and allow operators to pivot and transfer data to and from victim machines.

Adversarial abuse of remote monitoring & management (RMM) software is not new, but—given the rash of costly and destructive ransomware attacks in recent months and years—it’s part…

Read More

Latest news
Related news