Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » Initial Access brokers
Global Security

Initial Access brokers

AdminBy AdminMay 9, 2025No Comments3 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


09 May 2025Red LakshmananMalicious software / email safety

Cybersecurity researchers have warned of a new campaign aimed at Portuguese users in Brazil with a trial version of commercial software for remote monitoring and management (RMM) since January 2025.

“In the SPAM message used Brazilian Electronic Account System – Note In the report on Thursday.

Attack networks start with a specially designed spam -electronic letters that claim that they come from financial institutions or cellphone media, preferred accounts or payable payments to fool users to press Bogus Dropbox links indicating the binary installer for the RMM instrument.

Two notable RMM tools observed N-IT RMM Remote Access and PDQ ConnectGiving the attackers the ability to read and write files in a remote file system.

In some cases, the actors threatens use the distant capabilities of these agents to download and install additional RMM software, such as Screenconnect after the initial compromise.

Based on the common recipients, it was found that the company is mainly focused on CEAs and financial and human resources in several fields, including some educational and government agencies.

Also with high confidence, the activity of the original access broker (IAB), which abuses free trial periods related to different RMM programs to gain unauthorized access. Since then, N-Fave has taken measures to shut down the affected accounts.

Cybersecurity

“The abuse of opponents by commercial RMM tools has invariably increased in recent years,” Venorer said. “These tools are of interest to the threat to the subjects as they are usually signed by digital organizations and are quite noticeable back.”

“They also have virtually no costs in the software and infrastructure, as all this is usually provided in the application for a trial version.”

Development occurs against the background of various phishing campaigns that are designed for the parties of modern protection and distribute a wide range of malware or collecting victims –

  • A company conducted by a South American cybercrime group called Hive0148 for distribution Grandoreiro Banking Trojan for users in Mexico and Costa -Cric.
  • A company that uses the legal file distribution service named Obtain bypass security protection and send users to links to hosting malware
  • A company that uses Baits with order sales For delivery Form of books Malicious software using the Microsoft Word document that is sensitive to many years of lack of equation editor (Cve-2017-1188)
  • A company aimed at organizations in Spain, Italy and Portugal, using accounts related to trayan -based Java, called Rat Rat which can execute deleted commands, log keys, screenshots and steal sensitive data
  • The company that used Legitimate application 2FA tycoon Fix users’ accounts under the guise of viewing the “new agreement”
  • Companies that relate Coded JavaScript in SVG files, links registered in BOOBY in PDF, attachments, dynamic phishing URLs that are displayed in the files that are in files
  • Companies that abuse Cloudflare Tunning Function TryCloudflare deploy malicious software like Assembly

“The attackers are constantly developing tactics to bypass modern email safety and final points, making the detection and mitigation of phishing attempts more complicated,” Intezer Guri’s researcher said last month. “And despite the progress in cybersecurity instruments, many phishing companies are still successfully achieving users’ mailboxes.”

Found this article interesting? Keep track of us further Youter  and LinkedIn To read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025

Packages malicious Pypi, NPM and Rubin

June 4, 2025

HPE releases security patch for Storeonce error, which allows by -by -distance authentication

June 4, 2025

Fake Docusign, Gitcode Sites Distributed Netsupport Rat Through Multiple Attack PowerShell

June 3, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025

Packages malicious Pypi, NPM and Rubin

June 4, 2025

HPE releases security patch for Storeonce error, which allows by -by -distance authentication

June 4, 2025

Fake Docusign, Gitcode Sites Distributed Netsupport Rat Through Multiple Attack PowerShell

June 3, 2025

Critical 10-year Error Webmail RoundCube allows users to run the malicious code

June 3, 2025

Understanding the scammers and how to defend their organization

June 3, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

Google exposes Vishing Group UNC6040 target on Salesforce with a fake app for a data loader

June 4, 2025

Malicious Chaos Rats are aimed at Windows and Linux via fake network downloads

June 4, 2025

Why do traditional DLP solutions do not get in the browser era

June 4, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.