A chink in the armor of China-based hacking group Nickel
Malwarebytes
DECEMBER 7, 2021
For initial access, the DCU observed Nickel exploiting older, already-patched vulnerabilities in Microsoft products such as Microsoft Exchange and SharePoint. The group also compromised VPN suppliers or obtained stolen credentials. For lateral movement, the DCU saw Nickel actors using Mimikatz, WDigest, NTDSDump, and other password dumping tools during attacks.