US Government Agencies Warn of Malicious Use of Remote Management Software

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are warning organizations of malicious attacks using legitimate remote monitoring and management (RMM) software. IT service providers use RMM applications to remotely manage their clients’ networks and endpoints, but threat actors are abusing these tools to […]

Continue Reading

Chinese Hackers Adopting Open Source ‘SparkRAT’ Tool

A Chinese threat actor tracked as DragonSpark has been using the SparkRAT open source remote administration tool (RAT) in recent attacks targeting East Asian organizations, cybersecurity firm SentinelOne reports. Relatively new, SparkRAT is a multi-platform RAT written in Golang that can run on Windows, Linux, and macOS systems, and which can update itself with new […]

Continue Reading

Attackers use portable executables of remote management software to great effect

Tricking users at targeted organizations into installing legitimate remote monitoring and management (RMM) software has become a familiar pattern employed by financially motivated attackers. No organization is spared, not even agencies of the US federal civilian executive branch – as the Cybersecurity and Infrastructure Security Agency (CISA) warned on Wednesday. Attackers’ modus operandi “In October […]

Continue Reading

Malicious Prompt Engineering With ChatGPT

The release of OpenAI’s ChatGPT available to everyone in late 2022 has demonstrated the potential of AI for both good and bad. ChatGPT is a large-scale AI-based natural language generator; that is, a large language model or LLM. It has brought the concept of ‘prompt engineering’ into common parlance. ChatGPT is a chatbot launched by […]

Continue Reading

Riot Games Says Source Code Stolen in Ransomware Attack

Video games developer Riot Games on Tuesday confirmed that source code was stolen from its development systems during a ransomware attack last week. The incident was initially disclosed on January 20, when the company announced that systems in its development environment had been compromised and that the attack impacted its ability to release content. “Earlier […]

Continue Reading