Threat actors are using remote admin tools to gain access to corporate networks. They use phishing sites that mimic legitimate apps like ExpressVPN, WeChat, and Skype. The phishing sites distribute malware disguised as installers. After execution, the malware creates folders and modifies registry keys. The remote admin tools allow threat actors to remotely control and access victim's devices. Recommendations include enforcing application whitelisting, monitoring outbound traffic, and using network traffic tools. #ThreatActors #RemoteAdminTools #PhishingSites #Malware #Cybersecurity

https://cybersecuritynews.com/threat-actors-employ-remote-admin-tools/