Detects when the ScreenConnect client (ConnectWise Control) connects to a newly observed host server that is not the official ScreenConnect cloud. ScreenConnect is a common RMM/remote access tool ...
This project is a hands-on network traffic analysis of a real-world malware PCAP exercise. Acting as a SOC Analyst, I analyzed captured network traffic to identify, document, and map a NetSupport ...
Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named ...
A widening cyber campaign using legitimate remote-access software to infiltrate government targets has been identified by cybersecurity researchers. The operation, discovered by Group-IB and UKUK and ...
ClickFix is not a malware, but a very successful social engineering technique. It primarily relies on MFA verification fatigue and fake CAPTCHA pages to silently install malware. Researchers have ...
Threat actors have observed the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025. NetSupport RAT, typically propagated via bogus ...
The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. Black ...
Once the guardian angels of IT systems, remote monitoring and management (RMM) tools have become the Trojan horses of choice for savvy attackers. Attackers are increasingly abusing legitimate network ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results