Legitimate Remote Access Tool Weaponized by Attackers Using Authenticode Stuffing. Researchers are tracking a rise in online attacks involving legitimate ConnectWise software that’s been repurposed by attackers, using a tactic that leaves the installation software vendor-signed, while adding capabilities that turn it into malware, thanks to a tactic called Authenticode stuffing.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/attackers-wield-signed-connectwise-installers-as-malware-a-28799
