After executing several PowerShell scripts using WhatsUp Gold’s Active Monitor PowerShell Script functionality, threat actors proceeded with exploiting the ‘msiexec.exe’ Windows utility to install the Atera Agent, SimpleHelp Remote Access, Splashtop Remote, and Radmin remote access tools for persistence and further payload deployment.

Article Link: Attacks exploiting WhatsUp Gold flaws underway | SC Media

1 post – 1 participant

Read full topic

​After executing several PowerShell scripts using WhatsUp Gold’s Active Monitor PowerShell Script functionality, threat actors proceeded with exploiting the ‘msiexec.exe’ Windows utility to install the Atera Agent, SimpleHelp Remote Access, Splashtop Remote, and Radmin remote access tools for persistence and further payload deployment.
Article Link: Attacks exploiting WhatsUp Gold flaws underway | SC Media
1 post – 1 participant
Read full topic