lockbit.jpg

LockBit Ransomware Abuses Home windows Defender to Deploy Cobalt Strike Payload

A menace actor related to the LockBit 3.0 ransomware-as-a-service (RaaS) operation has been noticed abusing the Home windows Defender command-line instrument to decrypt and cargo Cobalt Strike payloads. Based on a report printed by SentinelOne final week, the incident occurred after acquiring preliminary entry through the Log4Shell vulnerability in opposition to an unpatched VMware Horizon …

LockBit Ransomware Abuses Home windows Defender to Deploy Cobalt Strike Payload Read More »