You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
rmm abuse
About this tag
Discussions on rmm abuse at WindowsForum.com focus on the exploitation of remote monitoring and management tools, specifically SolarWinds Web Help Desk (WHD), as an attack vector. In a recent thread, Microsoft defenders detail how intruders used exposed WHD instances as a beachhead in December, then moved laterally to harvest high-privilege credentials. The exact vulnerability remains unresolved, highlighting the risks of internet-facing RMM products. This content underscores the security implications of RMM abuse in enterprise IT environments, where attackers leverage legitimate tools for credential theft and lateral movement.
Microsoft defenders say intruders used exposed SolarWinds Web Help Desk (WHD) instances as a beachhead in December, then moved laterally to harvest high‑privilege credentials — but the exact bug that opened the door remains unresolved.
Background
SolarWinds Web Help Desk is a widely deployed IT...