Action1 RMM Abused by Threat Actors for Ransomware Attacks

A rising trend has been identified among cybercriminals; they are using Action1 remote access software for reconnaissance activity and to run code with system privileges on network hosts. In fact, it was observed in at least three ransomware attacks by threat actor groups.