TA577 Targeting Windows NTLM Hashes in Global Campaigns
TA577 Targeting Windows NTLM Hashes in Global Campaigns
Summary:
TA577, a significant cyber threat group, has shifted tactics to steal NTLM authentication data, utilizing thread hijacking and customized HTML attachments. Organizations should block outbound SMB to thwart exploitation and remain vigilant against evolving attack methods.
Threat Level – Red | Attack Report
For a detailed threat advisory, download the pdf file here
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.