Vendor
This brief details the detection of DNS queries targeting commonly abused Remote Monitoring and Management (RMM) or remote access software domains, originating from non-browser processes, which is a common tactic for command and control, persistence, and lateral movement by threat actors.