Application frozen? Process causing issues? Open the Remote Task Manager and troubleshoot problems without disrupting the user with NetSupport Manager. Start a free trial at: buff.ly/narxhFa #RemoteSupport #ITSupport #Helpdesk #TechSupport #ITManagement

Big news! We’re thrilled to announce that classroom.cloud is a Headline Partner for @EduFuturists Uprising 2026! 🎉 The 8th annual celebration is heading to Liverpool on 25th June, bringing together forward-thinking educators, innovators and leaders who are actively reshaping the future of education. 👇 Don't miss out! Register for the event and discover how classroom.cloud can transform your school today. buff.ly/C5yOfzt #Uprising26 #EdTech #classroomcloud #NetSupport

This June is about to get very busy! ❤️  Our NetSupport team will be travelling across the UK to attend @TheANME events, meeting with education leaders, school network managers and IT professionals along the way. If you're attending any of the above, please come say hello! 👋

This June is about to get very busy! ❤️ Our NetSupport team will be travelling across the UK to attend @TheANME events, meeting with education leaders, school network managers and IT professionals along the way. We're excited to share how NetSupport supports schools with classroom management, safeguarding, IT management, and more. If you're attending ANME at any of the above places, please come say hello! 👋 #ANME #EdTech #EducationTechnology #SchoolIT #NetworkManagers #DigitalLearning #Safeguarding #NetSupport #EducationLeadership #UKEducation

Three screens. Four applications. One user. No problem with NetSupport Manager's multi-monitor support. NetSupport Manager lets technicians switch between multiple remote monitors with ease, helping resolve issues faster. Learn more at: buff.ly/fm0A073 #ITSupport

Is your school ready for Martyn’s Law? 🚨 Under the Terrorism (Protection of Premises) Act 2025, UK schools with a capacity of 200 must comply by early spring 2027. This means having simple, workable procedures for evacuation, invacuation, lockdown and communication. 👉️Discover how NetSupport Notify can help keep your school safe and compliant: buff.ly/DQkRABo #MartynsLaw #SchoolSafety #EdTech #SchoolLeaders

Remote control and support solutions shouldn't be complicated! That's why we're delighted that our customers praise NetSupport Manager's ease of use, and how it helps them to provide quick and effective #RemoteSupport. Here are some of their thoughts: buff.ly/QhJhuff

Remote control and support solutions shouldn't be complicated! That's why we're delighted that our customers praise NetSupport Manager's ease of use, and how it helps them to provide quick and effective remote support. Here are some of their thoughts: buff.ly/QhJhuff#RemoteContro… #RemoteAccess #ITSupport #NetSupportManager

Interlock ransomware group pivots from user-driven attacks to zero-day exploitation, deploying AI-generated Slopoly backdoor to bypass security controls. Active campaign exploited Cisco FMC vulnerability for 36 days before patching. Key technical details: • CVE-2026-20131: Zero-day in Cisco Secure FMC enabling root RCE via crafted HTTP requests with serialized Java • Slopoly backdoor: AI-generated PowerShell C2 framework with WebSocket persistence and real-time communication • Hotta Killer: Custom utility exploiting CVE-2025-61155 in GameDriverX64.sys for kernel-level EDR disabling (T1685) • Memory-resident Java webshells intercept HTTP requests, decrypt commands, execute in-memory to evade AV • LOLBAS abuse: BITSAdmin, PowerShell, AZCopy for staging, lateral movement, and Azure Blob exfiltration (T1567.002) Attack chain methodology: • Phase 1: Shifted from drive-by downloads to direct infrastructure targeting via network edge vulnerabilities • Phase 2-3: Volatility for credential extraction, Certipy for AD CS privilege escalation, NetSupport RAT deployment • Phase 4-5: Advanced Port Scanner reconnaissance, RDP pivoting to DCs/Exchange, HAProxy nodes for exfiltration masking • Phase 6: PsExec domain-wide ransomware deployment with .interlock extension and !__README__!.txt notes Hunt for AZCopy activity to unfamiliar Azure destinations, NetSupport/AnyDesk from servers, and recurring /api/commands HTTP beaconing patterns. #DFIR_Radar

Unidentified RAT pushes NetSupport RAT -- isc.sans.edu/forums/diary/Un…

Multi-stage infection chain: Unknown RAT delivers NetSupport RAT via SmartApeSG ClickFix campaign. Initial RAT maintains persistent C2 since April 2026, now pushing secondary payloads through encoded traffic over port 443. Attack chain breakdown: • Fake verification page tricks users into running PowerShell ClickFix script • Downloads 26MB ZIP from silverharvestnetwork[.]com containing unknown RAT payload • Initial RAT establishes C2 to 89[.]110[.]110[.]119:443 using non-TLS encoded traffic • Secondary stage drops NetSupport RAT via processor.vbs → token.bat → setup.cab extraction • NetSupport RAT persists in C:\ProgramData\UpdateInstaller\ with C2 to 185[.]163[.]47[.]217:443 Forensic artifacts: • VBS/BAT scripts auto-delete after NetSupport installation (T1070.004) • CAB archive extraction leaves temporary files before cleanup • Dual C2 channels indicate coordinated multi-RAT deployment • Daily IoC rotation suggests automated infrastructure management Hunt for non-TLS traffic to port 443, monitor ProgramData directory for VBS/BAT execution, and baseline legitimate NetSupport installations to identify unauthorized deployments. #DFIR_Radar

#netsupport Samples Collection Updated 👇 bazaar.abuse.ch/browse/signa… Client32.ini 63854f102887b53a10f4fdeb44d7ab15 5.252.177.201:443 Client32.ini cecb6e6d005f42268346aad378ef9e4b 65.109.104.71:443 new NSM.LIC e3ee93f6840cc71638474435ace79050 cc @500mk500

Notre article offert de la semaine s'intéresse à l'utilisation des outils d'administration à distance tels que #Anydesk ou bien #NetSupport par des acteurs malveillants. Retrouvez-le sans plus tarder sur connect.ed-diamond.com/misc/…. #cybersécurité #RAT

#booking #clickfix #netsupport 👇 security-check-guest.]com/sign-in/zcgbs460? 👇 209.99.186.]243/sisirom 👇 msi> pw "fanbot" grace.7z > 👇Client32.ini feersona.]net:443 bryonsad.]net:443 209.99.186.]75/fakeurl.htm Samples bazaar.abuse.ch/browse/tag/b… AnyRun app.any.run/tasks/ca2e99cd-6…

Just wrapped up a deep packet investigation into a NetSupport Manager RAT infection from a recent pcap file. see thread below🧶

Looks like #NetSupport RAT @abuse_ch 'install.ps1' seen from China and Hong Kong bazaar.abuse.ch/sample/c6dfa… Source from: hxxp://89.124.94(.)238:8888/install.ps1?key=hpK9mqasd324asdf23Oasdfw

Deconstructing ClickFix how TDS exploits AWS WAF and injects silent NetSupport RATs -- medium.com/@SpearPanic/decon…

#booking #clickfix #netsupport "Update" 👇 propertypanelreservations].com 👇 147.45.45.245/genius/ 👇 Client32.ini host-netsup.]com:443 baracudamin.]com:443 95.85.246.]222/fakeurl.htm Samples bazaar.abuse.ch/browse/tag/9… AnyRun app.any.run/tasks/114a6784-0… @k3dg3 @500mk500 @skocherhan

#booking #netsupport #rat captcha-extranet-manage.]com/start 👇 77.91.97.]125/BookingVerifedCasBot 👇 msi>extracted>AltPayload>pw fantombot> Client32.ini 👇 uurdxji.]com:443 yuaushg.]com:443 91.92.34.]113/fakeurl.htm Samples bazaar.abuse.ch/browse/tag/u… @k3dg3 @500mk500 @skocherhan

el buen netsupport