from Hacker News

PRC's State-Sponsored Cyber Actor Living Off the Land to Evade Detection [pdf]

by morphicpro on 1/31/24, 5:28 PM with 1 comment

  • by morphicpro on 1/31/24, 5:28 PM

    Given the nature of the news from the FBI today this feels relevant to re-post.

    ``` Some of the built-in tools this actor uses are: wmic, ntdsutil, netsh, and PowerShell. The advisory provides examples of the actor’s commands along with detection signatures to aid network defenders in hunting for this activity. ```