A malicious fake RVTools installer is abusing a legitimately issued Sectigo code‑signing certificate to slip past Microsoft Defender SmartScreen and many endpoint controls, ultimately deploying a multi‑stage Python‑based RAT with deep AD reconnaissance and persistent C2 access. For VMware‑heavy environments, compromise of an administrator via this vector can effectively hand over domain‑level control to the […]

The post Malicious RVTools Installer Uses Sectigo Cert to Evade SmartScreen appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/malicious-rvtools-installer-uses-sectigo/