TOP 10 unattributed APT mysteries
SecureList
OCTOBER 7, 2022
The traffic originated from a suspicious library loaded into the memory of a domain controller server and registered as a Windows password filter, which has access to the plain-text passwords for administrative accounts. The files were designed to be executed in a pre-defined order, and some of them were AES128-encrypted.