all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours

Add to bookmarks
Jan. 12, 2023, 2:46 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access.
"Throughout the attack, the attacker followed a routine of recon commands, credential theft, lateral movement by abusing Windows protocols, and executing Cobalt Strike on the newly compromised host," Cybereason researchers said in

abusing access active directory actor attack cobalt cobalt strike compromise compromised credential credential theft cybereason directory domain host icedid initial access lateral movement malware malware attack protocols recon researchers strike target theft threat threat actor under windows

Visit resource

More from thehackernews.com / The Hacker News

DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions an hour ago | thehackernews.com
arrest arrests called criminal +17
Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny 5 hours ago | thehackernews.com
address authority browser chrome +24
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage 6 hours ago | thehackernews.com
actor arcanedoor campaign cisco +28
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks 22 hours ago | thehackernews.com
april assets attacks command +19
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike 22 hours ago | thehackernews.com
attack called campaign cobalt +22
Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users 1 day, 2 hours ago | thehackernews.com
app apps baidu chinese +22
CISO Perspectives on Complying with Cybersecurity Regulations 1 day, 2 hours ago | thehackernews.com
accountability ciso cisos compliance +22
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners 1 day, 5 hours ago | thehackernews.com
actor antivirus antivirus software avast +22
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers 1 day, 7 hours ago | thehackernews.com
actor cache campaign cdn +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cyber Systems Administration

@ Peraton | Washington, DC, United States
View on infosec-jobs.com

Android Security Engineer, Public Sector

@ Google | Reston, VA, USA
View on infosec-jobs.com

Lead Electronic Security Engineer, CPP - Federal Facilities - Hybrid

@ Black & Veatch | Denver, CO, US
View on infosec-jobs.com

Profissional Sênior de Compliance & Validação em TI - Montes Claros (MG)

@ Novo Nordisk | Montes Claros, Minas Gerais, BR
View on infosec-jobs.com

Principal Engineer, Product Security Engineering

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com
View more jobs