Intro The Ryuk threat actors went from a phishing email to domain wide ransomware in 5 hours. They escalated privileges using Zerologon (CVE-2020-1472), less than 2 hours after the initial … Read More
https://thedfirreport.com/2021/08/29/cobalt-strike-a-defenders-guide/