Defending against malicious actions with such remote software can be even more intricate for organizations having approved its legitimate usage. The latter has been often encountered in the wild in the past years as a preferred tool leveraged by known threat actors.Īs such, Anydesk should be closely monitored as threat actors could easily alter or delete data after a successful attack sometimes it is not possible to restore those altered logs. When performing incident response, the adversary often uses legitimate remote access software as an interactive command and control channel.ĪnyDesk 1 is one of those software being extensively used as a sublayer of persistence by threat actors or access other servers in the environment via RDP 2.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |