All news with #rmm tag

Hackers Use RMM Tools to Breach Freighters and Steal Cargo

🚨 Threat actors are targeting freight brokers and carriers with malicious emails and compromised load-board posts to deliver remote monitoring and management tools (RMM) such as ScreenConnect, NetSupport, and PDQ Connect. Once installed, attackers gain remote control to alter bookings, block notifications, harvest credentials, and impersonate carriers to reroute and physically steal high-value shipments. Proofpoint tracked dozens of campaigns since January, primarily in North America, exploiting social engineering and legitimate RMM functionality.

Phishing Campaign Uses Fake LastPass/Bitwarden Breach Alerts

⚠ The phishing campaign impersonates LastPass and Bitwarden, sending convincing emails claiming breaches and urging users to install a 'more secure' desktop app. The distributed binary installs the legitimate Syncro MSP agent, which then deploys ScreenConnect remote-access software to give attackers persistent control. Cloudflare is blocking the malicious landing pages, and vendors confirm no breaches occurred.