Cybercriminals are increasingly using legitimate remote monitoring and management (RMM) tools as initial payloads in email-based attacks, according to Proofpoint researchers. Tools such as ScreenConnect and Atera, designed for IT administrators to remotely manage computer systems, are being exploited for unauthorized access, data theft, and ransomware deployment. Disruption caused by law enforcement’s Operation Endgame likely led to a decline in traditional loaders and botnet malware usage. Proofpoint advises increased awareness and defensive measures like user training and network detection.

Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
Google’s security team, Mandiant, has exposed a series of attacks on Juniper routers running Junos OS, linked to the Chinese hacking group UNC3886. The