Remote Monitoring and Management (RMM) tools are an essential part of IT management, allowing businesses to remotely monitor and manage their IT systems. However, recent reports indicate that hackers increasingly target RMM tools to launch ransomware attacks against businesses.
One RMM tool specifically targeted is Action1, a cloud-based endpoint management platform. Hackers have been exploiting vulnerabilities in the platform to gain unauthorized access to systems and launch ransomware attacks.
According to a tweet by Kostas Tsartsaris, an information security researcher, attackers have been abusing Action1 RMM to deploy Cobalt Strike and other malicious payloads. Cobalt Strike is a powerful penetration testing tool that has been repurposed by hackers for use in ransomware attacks.
Businesses can turn to Digital Forensics and Incident Response (DFIR) services to prevent and respond to such attacks. These services allow businesses to quickly identify and respond to cybersecurity incidents, including ransomware attacks.
In response to the rising threat of ransomware, Action1 has unveiled an AI-based threat-hunting solution. This solution uses machine learning algorithms to detect and respond to potential security threats in real-time.
While RMM tools are essential for IT
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: