ToddyCat is making holes in your infrastructure
SecureList
APRIL 22, 2024
A connection like this created on domain controllers allows attackers to obtain the IP addresses of hosts on the internal network through DNS queries. Data for connecting the remote client to the server and its authentication details are added to the configuration file: AccountName Hostname ha.bbmouseme[.]com
Let's personalize your content