U.S. federal agencies identified a widespread cyber campaign leveraging legitimate remote monitoring and management software to compromise federal networks.
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released the joint cybersecurity advisory on the malicious use of remote monitoring and management (RMM) software in helpdesk-themed scams.
Using the intrusion detection system EINSTEIN, CISA has identified several federal victims since June 2022.