Attackers increasingly using legitimate remote management tools to hack enterprises
- by nlqip
Louis Blackburn, operations director at global ethical hacker and red team cybersecurity solutions provider CovertSwarm, commented: “In order to combat this [RMM abuse] tactic, organizations need to focus on endpoint hardening and reducing their attack surface.”
“Implementing application control measures, such as Windows Defender Application Control (WDAC) or AppLocker, will act as a primary line of defence against these attacks by preventing unauthorized applications from running, ensuring that end-users can’t unknowingly provide access to an attacker using a valid RMM tool,” Blackburn said.
Jake Moore, global cybersecurity advisor at ESET, added: “Enterprises can help discover and mitigate attacks on RMM tools by enforcing robust multifactor authentication to secure access, regularly monitoring RMM activity for any suspicious behaviour and continually ensuring that all software is kept up to date with the latest security patches.”
Source link
lol
Louis Blackburn, operations director at global ethical hacker and red team cybersecurity solutions provider CovertSwarm, commented: “In order to combat this [RMM abuse] tactic, organizations need to focus on endpoint hardening and reducing their attack surface.” “Implementing application control measures, such as Windows Defender Application Control (WDAC) or AppLocker, will act as a primary line…
Recent Posts
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
- Firefox Zero-Day Under Attack: Update Your Browser Immediately
- Internet Archive hacked, data breach impacts 31 million users
- CISA says critical Fortinet RCE flaw now exploited in attacks
- Crypto-stealing malware campaign infects 28,000 people