LockBit ransomware exploits Windows Defender to deploy cobalt strike payload

News03 Aug 2022

A new report published by SentinelOne last week revealed that the threat actors (TA) associated with the LockBit 3.0 ransomware-as-a-service (RaaS) operation have been abusing the Windows Defender command-line tool to decrypt and load Cobalt Strike payloads.

Please take 30 seconds to register

or if you have an account please login

teiss Team

teiss Team

More from this author

Luxottica settles data breach class action lawsuit over 2020 hacking incident

Major data breach at SRP Federal Credit Union exposes sensitive information of 240,000 individuals

Implementing predictive resilience

Related Articles

Luxottica settles data breach class action lawsuit over 2020 hacking incident

Luxottica settles data breach class action lawsuit over 2020 hacking incident

Major data breach at SRP Federal Credit Union exposes sensitive information of 240,000 individuals

Major data breach at SRP Federal Credit Union exposes sensitive information of 240,000 individuals

Hacker group leaked Telecom Namibia's data after it refused to pay a ransom

Hacker group leaked Telecom Namibia's data after it refused to pay a ransom

Hackers stole the data of 1.4m individuals from Texas Tech University Health Sciences Centres

Hackers stole the data of 1.4m individuals from Texas Tech University Health Sciences Centres

Most Viewed

Cyber attack on Medical Center Barbour compromised the data of over 60,000 patients

U.S. oil giant Halliburton says cyber attack disrupted IT operations

Ransomware attack on Université Paris-Saclay impacted servers and digital services

Data breach at ParkTree Community Health Center exposes sensitive patient information

The Expert View: Building a cyber-resilient organisationSponsored by BT & Zscaler

Can enterprise browsers become the info-security silver bullet?

Six key takeaways from CISOs on AI’s role in securitySponsored by Tines

Young Consulting says cyber attack impacted close to a million individuals

Park’N Fly data breach affects 1 million customers; no financial information compromised

Continuum Health Alliance data breach impacted over 375,000 patients

Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF

23-29 Hendon Lane, London, N3 1RT

020 8349 4363

info@teiss.co.uk

© 2024, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543