all InfoSec news
LockBit 3.0 affiliate sideloads Cobalt Strike through Windows Defender
Security Affairs securityaffairs.co
An affiliate of the LockBit 3.0 RaaS operation has been abusing the Windows Defender command-line tool to deploy Cobalt Strike payloads. During a recent investigation, SentinelOne researchers observed threat actors associated with the LockBit 3.0 ransomware-as-a-service (RaaS) operation abusing the Windows Defender command line tool MpCmdRun.exe to decrypt and load Cobalt Strike payloads. The attackers initially compromise the target […]
The post LockBit 3.0 affiliate sideloads Cobalt Strike through Windows Defender appeared first on Security Affairs.
affiliate breaking news cobalt cobalt strike cyber crime cybercrime defender hacking hacking news information security news it information security lockbit lockbit 3.0 malware pierluigi paganini raas strike windows windows defender