Attackers increasingly using legitimate remote management tools to hack enterprises
- by nlqip
Louis Blackburn, operations director at global ethical hacker and red team cybersecurity solutions provider CovertSwarm, commented: “In order to combat this [RMM abuse] tactic, organizations need to focus on endpoint hardening and reducing their attack surface.”
“Implementing application control measures, such as Windows Defender Application Control (WDAC) or AppLocker, will act as a primary line of defence against these attacks by preventing unauthorized applications from running, ensuring that end-users can’t unknowingly provide access to an attacker using a valid RMM tool,” Blackburn said.
Jake Moore, global cybersecurity advisor at ESET, added: “Enterprises can help discover and mitigate attacks on RMM tools by enforcing robust multifactor authentication to secure access, regularly monitoring RMM activity for any suspicious behaviour and continually ensuring that all software is kept up to date with the latest security patches.”
Source link
lol
Louis Blackburn, operations director at global ethical hacker and red team cybersecurity solutions provider CovertSwarm, commented: “In order to combat this [RMM abuse] tactic, organizations need to focus on endpoint hardening and reducing their attack surface.” “Implementing application control measures, such as Windows Defender Application Control (WDAC) or AppLocker, will act as a primary line…
Recent Posts
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict