LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload
TECH · MEDIA
August 4, 20222 min read468 words
Published: August 4, 2022  |  2 min read468 words
Contact/Tip UsFollow Us On Social MediaA threat actor associated with the LockBit 3.0 ransomware-as-a-service (RaaS) operation has been observed abusing the Windows Defender command-line tool to decrypt and load Cobalt Strike payloads.According to a report published by Sentinel...
LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload Read more

No article scores yet.

There are no critic or public scores for this article yet.
Investigative1
critic reviews: 0
public reviews: 1
No reviews
img-contested
N/A
critic score
0 reviews
img-trusted
100%
public score
12 reviews
img-contested
N/A
critic score
0 reviews
img-trusted
100%
public score
8 reviews

CRITIC REVIEWS

There don't seem to be any reviews yet.

PUBLIC REVIEWS

Investigative
Aug 4
Good article presenting this new variant of the Lockbit and how it works, as well as what it has infected and how. It also goes into depth about why certain systems are more likely to be targeted, all in a concise manner.
Aug 4
Is this helpful?