Threat Actors Weaponize Tiflux RMMs in Malspam Attacks

Since late February, there has been an uptick in incidents involving Tiflux, a lesser-known Brazilian commercial remote management tool being weaponized by threat actors. The attack chain begins with phishing emails containing fake document lures that deliver a malicious MSI installer. Once executed, the installer deploys multiple remote access tools including UltraVNC, Splashtop, and ScreenConnect for persistent access. The Tiflux installer contains concerning components such as outdated VNC versions from 2014, expired certificates, hardcoded passwords, and a vulnerable HwRwDrv.sys driver known for privilege escalation abuse. The threat actors leverage these tools to establish persistence, capture screenshots, and collect system profiling information. This campaign exemplifies the continuing pattern of adversaries abusing legitimate remote management software for stealthy access to victim environments while chaining multiple tools together to maintain control.

Pulse ID: 69fd4f31a337de81bfb907d5
Pulse Link: https://otx.alienvault.com/pulse/69fd4f31a337de81bfb907d5
Pulse Author: AlienVault
Created: 2026-05-08 02:49:21

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Brazil #CyberSecurity #Email #InfoSec #MalSpam #OTX #OpenThreatExchange #Password #Passwords #Phishing #ScreenConnect #Spam #VNC #Word #bot #AlienVault

Customize which user settings are saved in the shared document ⚙️ With “User Specific Settings” you can configure which settings you want to save locally per user instead of inside the document 💡

#devops #itadmin #remotemanagement #RDP #msrdp #remotedesktop #azure #bastion #SSH #terminal #VNC

💬 Answering Frequently Asked Questions to our new licensing and versioning model for Royal TS, Royal TSX, Royal Server, and the upcoming Royal Connect product line 💡 Read more details in our Blogpost: https://www.royalapps.com/blog/licensing-and-versioning

#devops #itadmin #remotemanagement #RDP #msrdp #remotedesktop #azure #bastion #SSH #terminal #VNC

Why is #KRFB such crap for a native app?

It won't properly work with scaling of display - set 150% and your cursor goes to bottom right corner.
It won't receive special keys - want ctrl or alt? Nope.

I use #VNCviewer and never had such issues.
If I enable relative cursor position - cursor won't work at all.
Special keys are enabled by default and work in other #vnc servers.
@kde @[email protected] @kde_community @[email protected]
#kde #plasma #kde6

Cyberattacks Expose 1.8M RDP Servers Online

A shocking 1.8 million RDP servers are currently vulnerable to cyberattacks, leaving them open to exploitation by opportunistic hackers. Canadian authorities have also cracked down on SMS blaster phishing, arresting three men and seizing a device that sent fake texts to unsuspecting phones.

https://osintsights.com/cyberattacks-expose-18m-rdp-servers-online?utm_source=mastodon&utm_medium=social

#RemoteDesktop #Vnc #ExposedServers #Phishing #SmsBlaster

Use Any PC as a Second Monitor on Linux (Hyprland Virtual Display Guide)

https://watch.linuxrenaissance.com/w/5UbQAxFdWrpzs1oe3HUiGV

Soon we’re introducing a new licensing and versioning model for Royal TS, Royal TSX, Royal Server, and the upcoming Royal Connect product line! 🙌🏼 🚀 Check out all details in our Blogpost: https://www.royalapps.com/blog/licensing-and-versioning

#devops #itadmin #remotemanagement #RDP #msrdp #remotedesktop #azure #bastion #SSH #terminal #VNC

iPhoneやiPadからMacを遠隔操作できるリモートデスクトップアプリ「Astropad Workbench」が英語以外の音声入力、バックグラウンド接続などをサポート。
https://applech2.com/archives/20260429-astropad-workbench-v1-2-support-speech-to-text-and-background.html

#applech2 #Astropad #AppStore #AstroHQ #iPad #iPhone #Mac #News #VNC #アプリ #サブスクリプション #有料