TrendAI researchers revealed that criminal elements from the Middle East are using legitimate remote management tools (RMM) to penetrate corporate networks in Israel. The attackers use malicious emails as bait (“Initial Access”), and from there they move on to the activation of innocent management tools that allow them full control over servers and endpoints without alerting classic defense systems. The attack is still active.
The attack targets organizations in Israel from all sectors, using the public tool screen connect and so far dozens of organizations have been attacked. According to the researchers, this is a low-sophisticated threat actor, but because it targets a wide range of organizations and because the attacked tools are defined as safe in most organizations, the attack manages to bypass traditional security barriers.
TrendAI researchers urge information security managers to proactively hunt for unusual RMM activity and impose strict restrictions on the use of these tools until further notice. This is an active event, and you must make sure that the systems in your organization are monitored and that access to these tools is limited to authorized persons only.
TrendAI recommends immediate steps for treatment. Monitoring: increasing control over remote management tools (such as ScreenConnect, TeamViewer, AnyDesk) and blocking installations/runs of unapproved versions or tools not in declared use.
Hardening: Enforce multi-factor authentication (MFA) on all remote connections, without exception.
Filtering: scanning for incoming emails containing links or files linking to these management tools, and blocking the IP addresses of the control servers (C2) of the tools if possible.
Review: Checking the authorization list in the corporate RMM to detect new users or devices that have not been defined by the IT team.
https://astra-hotel.ch/articles/comment_un_casino_en_ligne_transforme_le_choix_des_jeux_en_parcours_guide_pour_chaque_profil.html
https://lochkreis.ch/wp-content/pgs/?ce_quun_casino_en_ligne_etranger_revele_a_travers_ses_conditions_de_bonus_et_ses_regles_de_retrait.html
https://benjie.ch/img/pgs/pourquoi_un_meilleur_casino_en_ligne_se_distingue_par_la_gestion_des_retraits_et_des_litiges.html
https://rebwein.ch/assets/pgs/?comment_un_casino_en_ligne_international_adapte_son_lobby_aux_preferences_culturelles_des_joueurs.html
https://salvioni.ch/wp-content/pages/comment_un_casino_international_en_ligne_transforme_la_gestion_du_compte_joueur_en_avantage_competit.html
https://astra-hotel.ch/articles/comment_un_casino_en_ligne_repense_la_relation_entre_divertissement_controle_et_simplicite_dusage.html
https://lochkreis.ch/wp-content/pgs/?ce_quun_nouveau_site_de_casino_en_ligne_doit_montrer_dans_son_espace_joueur_des_le_depart_1.html
https://sud-ep.ch/wp-content/pgs/pourquoi_un_meilleur_nouveau_casino_en_ligne_se_distingue_par_la_coherence_entre_bonus_jeux_et_paie_1.html
https://benjie.ch/img/pgs/pourquoi_un_nouveau_casino_en_ligne_doit_penser_ses_retraits_comme_un_argument_de_confiance.html
https://rebwein.ch/assets/pgs/?comment_un_nouveau_site_de_casino_en_ligne_transforme_linscription_en_premier_test_de_transparence.html
https://astra-hotel.ch/articles/comment_un_nouveau_casino_en_ligne_peut_batir_sa_credibilite_sans_historique_long.html
https://benjie.ch/img/pgs/comment_un_casino_en_ligne_peut_creer_une_experience_plus_fluide_grace_a_un_compte_joueur_mieux_pens.html
https://sellerie-curty.ch/themes/pag/comment_un_casino_en_ligne_international_adapte_ses_bonus_aux_devises_aux_langues_et_aux_marches_lo.html
https://rebwein.ch/assets/pgs/?pourquoi_un_meilleur_casino_en_ligne_se_reconnait_dans_la_clarte_de_ses_regles_avant_meme_le_premier.html
https://www.daily-media.ch/wp-content/pgs/casino_en_ligne_etranger_entre_licences_paiements_et_support.html
https://tethong.ch/wp-content/pgs/pourquoi_un_casino_international_en_ligne_redefinit_la_place_du_live_casino_dans_lexperience_mobile.html
https://tethong.ch/wp-content/pgs/comment_un_casino_en_ligne_international_construit_une_experience_coherente_malgre_des_regles_locale.html
https://benjie.ch/img/pgs/comment_un_casino_en_ligne_transforme_la_navigation_en_avantage_pour_les_joueurs_reguliers.html
https://rebwein.ch/assets/pgs/?pourquoi_un_meilleur_casino_en_ligne_se_reconnait_dans_la_qualite_de_son_service_apres_une_erreur.html
https://lochkreis.ch/wp-content/pgs/?ce_qu_un_casino_en_ligne_etranger_doit_expliquer_avant_qu_un_joueur_active_son_premier_bonus.html
https://sud-ep.ch/wp-content/pgs/comment_un_casino_international_en_ligne_ameliore_ses_standards_grace_aux_marches.html
https://tethong.ch/wp-content/pgs/comment_un_casino_en_ligne_transforme_les_habitudes_de_jeu_grace_aux_micro_sessions_mobiles.html
https://lochkreis.ch/wp-content/pgs/?comment_un_casino_en_ligne_international_harmonise_les_parcours_kyc_sans_perdre_les_reperes_locaux.html
https://dico-visuo-semantique.ch/wp-content/pgs/pourquoi_un_meilleur_casino_en_ligne_se_juge_aussi_sur_la_facon_dont_il_explique_ses_refus.html
https://sud-ep.ch/wp-content/pgs/pourquoi_un_casino_international_en_ligne_standardise_les_comptes_multidevises.html