{ads}

LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload

Written By Tuesday, 2 August 2022 Add Comment



August 02, 2022 at 01:37PM

A threat actor associated with the LockBit 3.0 ransomware-as-a-service (RaaS) operation has been observed abusing the Windows Defender command-line tool to decrypt and load Cobalt Strike payloads.  According to a report published by SentinelOne last week, the incident occurred after obtaining initial access via the Log4Shell vulnerability against an unpatched VMware Horizon Server. "Once initial

from The Hacker News https://ift.tt/xet8uVH

0 Response to "LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads