Backoff and Citadel Abuse Remote Access Tools
Recent events continue to highlight the abuse of remote access applications in the enterprise. Last Tuesday, Trusteer reported that a new variant of Citadel, which has long relied on VNC to give attackers remote control over systems, began adding new credentials to systems it infects and enabling the standard Windows remote desktop application (RDP). This