Exploitation of Follina leads to takeover of domain controller
Exploitation of Follina leads to takeover of domain controller
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
The recent incident is related to TA570, wherein the attackers exploited the Follina vulnerability (CVE-2022-30190) to compromise the Domain Controller and eventually gain access to confidential files.