By Anonymous: This is probably the same group that is behind the Taiwan Semiconductor Manufacturing Company (TSMC). https://www.zdnet.com/article/black-hat-hackers-are-now-using-cobalt-strike-and-skeleton-keys-to-target-semiconductor-firms/

That would be Operations Chimera. This threat actor is also known for its use of the "Skeleton key": https://cycraft.com/download/CyCraft-Whitepaper-Chimera_V4.1.pdf

A unique account manipulation malware - SkeletonKeyInjector – was used. SkeletonKeyInjector contained code extracted from Dumpert and Mimikatz. This malware implanted a skeleton key into domain controller (DC) servers to continuously conduct lateral movement (LM). Additionally, by making direct syscalls, the malware could bypass security products based on API hooking. This malware was discovered in the two cases mentioned in this report.