Qilin Ransomware Exploits Active Directory with DCSync
Discover how Qilin ransomware uses DCSync to exploit Active Directory. Learn about the stealthy techniques and protection strategies.
Read the full articleYou might also wanna read
Qilin Ransomware: Technical analysis, from initial access to beaconing
Deep technical analysis of Qilin RaaS operations, initial access methods, C2 beaconing, and detection guidance from ThreatLocker Threat Inte
Qilin ransomware: Widespread encryption by any means necessary
The Russia-based ransomware group Qilin has rapidly ascended to become the world’s most prominent ransomware threat, claiming responsibility
Qilin Dominates Ransomware Market Amid Growing Cybercrime Consolidation
The ransomware landscape is reconsolidating around major players, with Qilin emerging as the leading RaaS operation, researchers say
Attackers exploited passwords stored in Active Directory description fields to deploy ransomware
Attackers used a phishing campaign and the Sliver offensive tool to capture a victim’s credentials, then queried Active Directory. Once insi
Vibe-Coded Malware Caught in Active Directory Attack
Huntress found a threat actor using vibe-coded PowerShell to map an Active Directory network
JadePuffer: The warning that the ransomware is starting to operate as an agent
Ransomware has just received a disturbing update. We’re no longer talking solely about human groups purchasing access, deploying known tools

Comments
Sign in to join the conversation.
No comments yet. Be the first.