Feb 06 2019 01:22 PM
I keep seeing the account name 1B9E3760 in our Windows security logs, only when an account has failed to log in. (But not every time an account has failed to log in.) The only thing that we've found is that this may be related to "logon as a service".
Where would I even begin to look for more info on what this is?
Dec 02 2019 06:26 AM
In my case it is vulnerability scanner InsightVM - Rapid7 https://www.rapid7.com/products/insightvm/
Jan 29 2020 06:49 AM