Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/deepthoughts10/statuses/114152810699867835">Brian Clark (deepthoughts10@infosec.exchange)'s status on Thursday, 13-Mar-2025 18:26:04 JST</a><a href="https://infosec.exchange/@deepthoughts10" title="deepthoughts10@infosec.exchange"><img src="https://gnusocial.jp/avatar/116759-48-20240113200827.webp" width="48" height="48" alt="Brian Clark" style="position: absolute; left: 0; top: 0;">Brian Clark</a><div><ul><li></ul></div></section><article><p>I’ve never heard of the MSP-focused bluetrait.io but add it to the list of legitimate services that get abused. If you don’t use this RMM service, I suggest blocking it via DNS, NGFW or Web security proxy. <a href="https://infosec.exchange/tags/cybersecurity" rel="tag">#cybersecurity</a> </p><p>From: <a href="https://infosec.exchange/@threatinsight">@threatinsight</a><br><a href="https://infosec.exchange/@threatinsight/114144688263847941" rel="nofollow">https://infosec.exchange/@threatinsight/114144688263847941</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4723973#notice-9250843">In conversation</a><time datetime="2025-03-13T18:26:04+09:00" title="Thursday, 13-Mar-2025 18:26:04 JST">about 23 days ago</time> <span>from <span><a href="https://infosec.exchange/@deepthoughts10/114152810699867835" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@deepthoughts10/114152810699867835">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: bluetrait.io</div><h5><a href="https://bluetrait.io/">Home - bluetrait.io</a></h5><div></div></header><div>The complete cloud-based MSP platform</div><footer></footer></article></li><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://infosec.exchange/@threatinsight/114144688263847941">Threat Insight (@threatinsight@infosec.exchange)</a></h5><div> from <span>Threat Insight</span></div></header><div>New cyber threat research from Proofpoint highlights how attackers are adapting to law enforcement disruptions, leveraging trusted software to evade detection and compromise systems.This blog details our team's findings: https://www.proofpoint.com/us/blog/threat-insight/remote-monitoring-and-management-rmm-tooling-increasingly-attackers-first-choice?campaign=2025&amp;utm_medium=social_organic.#malware #ransomware #financialtheft #dataloss</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Brian Clark (deepthoughts10@infosec.exchange)'s status on Thursday, 13-Mar-2025 18:26:04 JSTBrian Clark
- Threat Insight
I’ve never heard of the MSP-focused bluetrait.io but add it to the list of legitimate services that get abused. If you don’t use this RMM service, I suggest blocking it via DNS, NGFW or Web security proxy. #cybersecurity
From: @threatinsight
https://infosec.exchange/@threatinsight/114144688263847941
In conversationabout 23 days ago from infosec.exchangepermalink
Attachments
1. Domain not in remote thumbnail source whitelist: bluetrait.io
  Home - bluetrait.io
  The complete cloud-based MSP platform
2. No result found on File_thumbnail lookup.
  Threat Insight (@threatinsight@infosec.exchange)
  from Threat Insight
  New cyber threat research from Proofpoint highlights how attackers are adapting to law enforcement disruptions, leveraging trusted software to evade detection and compromise systems. This blog details our team's findings: https://www.proofpoint.com/us/blog/threat-insight/remote-monitoring-and-management-rmm-tooling-increasingly-attackers-first-choice?campaign=2025&utm_medium=social_organic. #malware #ransomware #financialtheft #dataloss

Public

Embed Notice

HTML Code

Corresponding Notice