Forum Discussion
Ransomware Lockbit and Windows Server 2019 DC
Hi. Today I've detected a Lockbit ramsonware attack at 7.00 a.m (out of working hours) on my Windows Server 2010 DC that is actually unusable. The question is: how is it possible that on a DC use...
Your DC patched?
There are many vectors.
You recording security logs and shipping them off to a SIEM/SOAR platforms?
SMB, SAM-R, RDP, PWshell, WMI...
There are many vectors.
You recording security logs and shipping them off to a SIEM/SOAR platforms?
SMB, SAM-R, RDP, PWshell, WMI...