All news with #remote access tools tag

Stolen Credentials and Remote Access Abuse in 2025

🔒 FortiGuard Incident Response observed that in H1 2025 financially motivated actors frequently used stolen credentials and legitimate remote-access software to gain and extend access across environments. Adversaries relied on compromised VPN logins, password reuse, or purchased credentials, deploying tools like AnyDesk, Splashtop, Atera and ScreenConnect to move laterally and exfiltrate data manually. These intrusions often bypass endpoint-focused defenses because activity mimics normal user behavior, so FortiGuard emphasizes identity- and behavior-driven detection, broad MFA enforcement, and monitoring of remote access tooling.