RMM Tools Fuel Stealthy Phishing Campaign
Summary
Attackers are leveraging two remote monitoring and management (RMM) tools to carry out a stealthy phishing campaign that has affected more than 80 organizations. This tactic allows them to evade traditional security defenses by operating within legitimate IT management software.
IFF Assessment
The use of RMM tools by attackers to conduct phishing campaigns represents a sophisticated threat that bypasses common security measures, making it harder for defenders to detect and prevent.
Defender Context
Defenders should be aware of the increasing use of legitimate IT tools like RMM software for malicious purposes. Monitoring for unusual activity within these management platforms and implementing strict access controls and least privilege principles are crucial to mitigating this threat.