Cybercriminals are increasingly using legitimate remote monitoring and management (RMM) tools as initial payloads in email-based attacks, according to Proofpoint researchers. Tools such as ScreenConnect and Atera, designed for IT administrators to remotely manage computer systems, are being exploited for unauthorized access, data theft, and ransomware deployment. Disruption caused by law enforcement’s Operation Endgame likely led to a decline in traditional loaders and botnet malware usage. Proofpoint advises increased awareness and defensive measures like user training and network detection.
Forescout widens research on Silver Fox hackers, reveals malware clusters targeting healthcare through DICOM, HL7 exploits
Research by cybersecurity firm, Forescout Technologies, uncovered three malware clusters targeting healthcare systems, including a Trojan infecting Philips DICOM viewers. The attack exploits default credentials,
