#atera — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #atera, aggregated by home.social.
-
Hackers Hide RMM Installs as Fake Chrome Updates and Teams Invites https://hackread.com/hackers-rmm-installs-fake-chrome-updates-teams-invite/ #MicrosoftTeams #Cybersecurity #PhishingScam #CyberAttack #RedCanary #Security #Phishing #Malware #ITarian #Zscaler #Chrome #Atera #Fraud #Scam #Zoom #RMM
-
Hackers Hide RMM Installs as Fake Chrome Updates and Teams Invites https://hackread.com/hackers-rmm-installs-fake-chrome-updates-teams-invite/ #MicrosoftTeams #Cybersecurity #PhishingScam #CyberAttack #RedCanary #Security #Phishing #Malware #ITarian #Zscaler #Chrome #Atera #Fraud #Scam #Zoom #RMM
-
Hackers Hide RMM Installs as Fake Chrome Updates and Teams Invites https://hackread.com/hackers-rmm-installs-fake-chrome-updates-teams-invite/ #MicrosoftTeams #Cybersecurity #PhishingScam #CyberAttack #RedCanary #Security #Phishing #Malware #ITarian #Zscaler #Chrome #Atera #Fraud #Scam #Zoom #RMM
-
Hackers Hide RMM Installs as Fake Chrome Updates and Teams Invites https://hackread.com/hackers-rmm-installs-fake-chrome-updates-teams-invite/ #MicrosoftTeams #Cybersecurity #PhishingScam #CyberAttack #RedCanary #Security #Phishing #Malware #ITarian #Zscaler #Chrome #Atera #Fraud #Scam #Zoom #RMM
-
Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File https://hackread.com/discord-cdn-link-deliver-rat-disguised-onedrive-file/ #SplashtopStreamer #SublimeSecurity #Cybersecurity #PhishingScam #Microsoft365 #CyberAttack #Security #OneDrive #Phishing #Atera #CDN
-
Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File – Source:hackread.com https://ciso2ciso.com/discord-cdn-link-abused-to-deliver-rat-disguised-as-onedrive-file-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #SplashtopStreamer #SublimeSecurity #cybersecurity #Microsoft365 #PhishingScam #CyberAttack #Hackread #OneDrive #Phishing #security #Atera #CDN
-
I noticed a (minor but abusable) data leak in the RMM/PSA tool Atera a while ago, reported it and it's now fixed. I think it's somewhat interesting so I wrote it up.
https://fyr.io/post/atera-leaked-their-customers-to-mailinator
Tldr: if you tested your SMTP settings, it used a public mailbox on mailinator, allowing anyone to watch for (and respond to, if you're so inclined) mail. Phishing opportunity!
#infosec #atera #privacy #dataleak #mailinator #writeup #phishing #netsec
-
I noticed a (minor but abusable) data leak in the RMM/PSA tool Atera a while ago, reported it and it's now fixed. I think it's somewhat interesting so I wrote it up.
https://fyr.io/post/atera-leaked-their-customers-to-mailinator
Tldr: if you tested your SMTP settings, it used a public mailbox on mailinator, allowing anyone to watch for (and respond to, if you're so inclined) mail. Phishing opportunity!
#infosec #atera #privacy #dataleak #mailinator #writeup #phishing #netsec
-
I noticed a (minor but abusable) data leak in the RMM/PSA tool Atera a while ago, reported it and it's now fixed. I think it's somewhat interesting so I wrote it up.
https://fyr.io/post/atera-leaked-their-customers-to-mailinator
Tldr: if you tested your SMTP settings, it used a public mailbox on mailinator, allowing anyone to watch for (and respond to, if you're so inclined) mail. Phishing opportunity!
#infosec #atera #privacy #dataleak #mailinator #writeup #phishing #netsec
-
I noticed a (minor but abusable) data leak in the RMM/PSA tool Atera a while ago, reported it and it's now fixed. I think it's somewhat interesting so I wrote it up.
https://fyr.io/post/atera-leaked-their-customers-to-mailinator
Tldr: if you tested your SMTP settings, it used a public mailbox on mailinator, allowing anyone to watch for (and respond to, if you're so inclined) mail. Phishing opportunity!
#infosec #atera #privacy #dataleak #mailinator #writeup #phishing #netsec
-
I noticed a (minor but abusable) data leak in the RMM/PSA tool Atera a while ago, reported it and it's now fixed. I think it's somewhat interesting so I wrote it up.
https://fyr.io/post/atera-leaked-their-customers-to-mailinator
Tldr: if you tested your SMTP settings, it used a public mailbox on mailinator, allowing anyone to watch for (and respond to, if you're so inclined) mail. Phishing opportunity!
#infosec #atera #privacy #dataleak #mailinator #writeup #phishing
-
Is Agentic AI too smart for your own good? https://www.helpnetsecurity.com/2025/02/27/agentic-ai-risks/ #Artificialintelligence #Don'tmiss #ProtectAI #strategy #Atera #News #CISO #tips #7AI #CXO
-
Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater” – Source: news.sophos.com https://ciso2ciso.com/sophos-mdr-blocks-and-tracks-activity-from-probable-iranian-state-actor-muddywater-source-news-sophos-com/ #legitimateserviceabuse #SecurityOperations #ThreatResearch #nakedsecurity #0CISO2CISO #MuddyWater #phishing #STAC1171 #Atera #TA450 #MDR #RMM
-
@acrypthash How you liking #ninjaone? We just moved from #connectwise automate to #atera and never been happier.
-
"⚠️ Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks ⚠️"
Zero-day vulnerabilities in Windows Installers for the Atera software could lead to privilege escalation attacks. Patch now!
Source: [The Hacker News](https://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html)
Tags: #Atera #Windows #ZeroDay #PrivilegeEscalation #CyberSecurity 🚨🔓🌐
-
The #SophosMDR team also discovered cases where threat actors targeting #PaperCut were abusing the bitsadmin.exe Windows application to download payloads. #BITSAdmin is commonly abused by active adversaries as a "living off the land binary" or #LOLbin, handy for accomplishing the task of downloading payloads.
The tools exploited in the attacks have included what we refer to as “dual-use agents,” used both legitimately by IT staff and maliciously by attackers. At the time of writing, Sophos has observed the abuse of #AnyDesk, #Atera, #Synchro, #TightVNC, #NetSupport, and #DWAgent remote management tools across multiple campaigns.
4/6
-
The #SophosMDR team also discovered cases where threat actors targeting #PaperCut were abusing the bitsadmin.exe Windows application to download payloads. #BITSAdmin is commonly abused by active adversaries as a "living off the land binary" or #LOLbin, handy for accomplishing the task of downloading payloads.
The tools exploited in the attacks have included what we refer to as “dual-use agents,” used both legitimately by IT staff and maliciously by attackers. At the time of writing, Sophos has observed the abuse of #AnyDesk, #Atera, #Synchro, #TightVNC, #NetSupport, and #DWAgent remote management tools across multiple campaigns.
4/6
-
The #SophosMDR team also discovered cases where threat actors targeting #PaperCut were abusing the bitsadmin.exe Windows application to download payloads. #BITSAdmin is commonly abused by active adversaries as a "living off the land binary" or #LOLbin, handy for accomplishing the task of downloading payloads.
The tools exploited in the attacks have included what we refer to as “dual-use agents,” used both legitimately by IT staff and maliciously by attackers. At the time of writing, Sophos has observed the abuse of #AnyDesk, #Atera, #Synchro, #TightVNC, #NetSupport, and #DWAgent remote management tools across multiple campaigns.
4/6
-
The #SophosMDR team also discovered cases where threat actors targeting #PaperCut were abusing the bitsadmin.exe Windows application to download payloads. #BITSAdmin is commonly abused by active adversaries as a "living off the land binary" or #LOLbin, handy for accomplishing the task of downloading payloads.
The tools exploited in the attacks have included what we refer to as “dual-use agents,” used both legitimately by IT staff and maliciously by attackers. At the time of writing, Sophos has observed the abuse of #AnyDesk, #Atera, #Synchro, #TightVNC, #NetSupport, and #DWAgent remote management tools across multiple campaigns.
4/6
-
The #SophosMDR team also discovered cases where threat actors targeting #PaperCut were abusing the bitsadmin.exe Windows application to download payloads. #BITSAdmin is commonly abused by active adversaries as a "living off the land binary" or #LOLbin, handy for accomplishing the task of downloading payloads.
The tools exploited in the attacks have included what we refer to as “dual-use agents,” used both legitimately by IT staff and maliciously by attackers. At the time of writing, Sophos has observed the abuse of #AnyDesk, #Atera, #Synchro, #TightVNC, #NetSupport, and #DWAgent remote management tools across multiple campaigns.
4/6
-
Post-exploitation activity targeting #PaperCut often results in #PowerShell commands being executed by the pc-app.exe parent process. We've collected logs of the affected system downloading #Atera remote monitoring software to the victim. (Atera is, of course, legitimate software, being abused by the attackers in this situation.)
Different threat groups are abusing PowerShell in different ways. One group calls PowerShell commands directly, as shown here. This particular attacker delivered a ransomware binary that was hosted on the ephemeral file host #tmpfiles (files hosted there are deleted from the server after 60 minutes):
3/6
-
Atera raises $77M at a $500M valuation to help SMBs manage their remote networks like enterprises do - When it comes to software to help IT manage workers’ devices wherever they happen ... - http://feedproxy.google.com/~r/Techcrunch/~3/V_8zlBPatEU/ #remotedevicemanagement #remotemonitortech #endpointsecurity #remotemonitoring #smallbusinesses #remoteworking #enterprise #funding #europe #atera #smbs #smes #it