Tactical RMM (ba4777f9-bb3b-4143-8062-a510c30544ce)
According to joint Cybersecurity Advisory AA23-320A (November 2023), Tactical RMM is a publicly available, legitimate tool that "enables remote monitoring and management of systems". According to the Advisory, Scattered Spider threat actors are known to abuse the tool during their intrusions.[U.S. CISA Scattered Spider November 16 2023]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Tactical RMM (ba4777f9-bb3b-4143-8062-a510c30544ce) | Tidal Software | Scattered Spider (3d77fb6c-cfb4-5563-b0be-7aa1ad535337) | Tidal Groups | 1 |