CP
cyberpings
Threat IntelHIGH

RMM Tools Targeted in Rising Cyber Attacks

HNHuntress BlogDec 18, 2025
RMMPDQGoTo Resolvecyber attacksthreat actors
🎯

Basically, hackers are using certain software to control computers remotely for attacks.

Quick Summary

Cybersecurity experts warn that hackers are exploiting RMM tools like PDQ and GoTo Resolve. This poses a serious risk to organizations, as these tools are trusted for IT management. Protect your systems by tightening access controls and monitoring for unusual activity.

What Happened

Cybersecurity experts have noticed a troubling trend: threat actors are increasingly using remote monitoring and management (RMM) tools like PDQ? and GoTo Resolve? to launch attacks. These tools, typically used for legitimate IT management, are being weaponized by cybercriminals to gain unauthorized access to systems.

In recent observations by the Huntress Security Operations Center (SOC), these RMM tools are being leveraged to deploy malicious payloads? and conduct further attacks. This shift in tactics highlights a growing sophistication among threat actors?, who are now using tools that many organizations trust for their IT operations.

The implications are serious. When hackers exploit these trusted tools, they can bypass traditional security measures, making it harder for organizations to detect and respond to intrusions. This trend raises alarms about the security of IT management systems and the potential for widespread damage.

Why Should You Care

You might think of RMM tools as the friendly helpers that keep your company's computers running smoothly. However, when these tools fall into the wrong hands, they can become dangerous weapons. Imagine if someone could remotely control your car — they could drive it wherever they want without your permission. That's what happens when hackers use RMM tools to access your systems.

If you use PDQ? or GoTo Resolve? in your organization, this news is particularly relevant. The risk is not just about data theft; it could lead to operational disruptions, financial losses, and damage to your reputation. Protecting your systems is crucial because a single breach can have far-reaching consequences.

What's Being Done

In response to this alarming trend, cybersecurity experts are urging organizations to take immediate action. Here are some steps you can take:

  • Review and tighten access controls for RMM tools.
  • Monitor for unusual activity related to these tools.
  • Educate your staff about the risks associated with RMM software.

Experts are keeping a close eye on how these tactics evolve and are advising organizations to remain vigilant. As threat actors? continue to refine their methods, staying informed and proactive is your best defense against potential attacks.

💡 Tap dotted terms for explanations

🔒 Pro insight: The increasing use of RMM tools by threat actors indicates a shift towards exploiting trusted IT management software for malicious purposes.

Original article from

Huntress Blog

Read Full Article

Share

Related Pings

HIGHThreat Intel

Alignment: The Key to Cybersecurity Success

Organizations are prioritizing alignment in cybersecurity to enhance their defenses. This affects everyone, as misalignment can leave your data exposed. Companies are now investing in training and collaboration to strengthen their security posture. Stay informed about how these changes impact your safety online.

Anthropic Research·Today, 3:38 AM
HIGHThreat Intel

FBI Probes Suspicious Cyber Activity on Surveillance Systems

The FBI is looking into suspicious cyber activity affecting sensitive surveillance systems. This could impact privacy and data security. Stay informed and review your own security practices.

SecurityWeek·Today, 1:01 AM
MEDIUMThreat Intel

AI-Powered Cyber Defense: Trump's New Strategy Unveiled

The Trump administration has announced a new cybersecurity strategy focusing on AI for defense. While promising, it lacks crucial details. This could affect your online security, so stay informed about developments.

Cybersecurity Dive·Yesterday, 10:36 PM
HIGHThreat Intel

Iran's MuddyWater Breaches Multiple U.S. Organizations

Iran's MuddyWater hacking group has breached multiple U.S. organizations, raising significant security alarms. These attacks could compromise sensitive information and disrupt essential services. The FBI is investigating, and Cisco has issued critical patches to address vulnerabilities.

CyberWire Daily·Yesterday, 9:30 PM
HIGHThreat Intel

MuddyWater APT Hits U.S. Organizations with Dindoor Malware

MuddyWater, an Iranian hacker group, is targeting U.S. organizations with new Dindoor malware. Banks, airports, and nonprofits are at risk of data breaches and disruptions. Cybersecurity teams are responding with updates and monitoring measures to protect sensitive information.

Security Affairs·Yesterday, 8:05 PM
HIGHThreat Intel

North Korean Threat Groups Exploit AI for Fake Worker Schemes

North Korean hackers are using AI to create fake job applicants. This tactic poses serious risks to companies and their sensitive data. Microsoft warns organizations to enhance their recruitment processes to combat this growing threat.

CyberScoop·Yesterday, 7:16 PM