Security News > 2021 > December > Telecom operators targeted in recent espionage hacking campaign
2021-12-14 23:32
"Based on process lineage data, attackers seemed to use scripts extensively. These may be automated scripts used for collecting information and downloading additional tools," explains Symantec's report.
Hidec: Command line tool for running a hidden window.
CrackMapExec: Publicly available tool that is used to automate security assessment of an Active Directory environment.
ProcDump: Microsoft Sysinternals tool for monitoring an application for CPU spikes and generating crash dumps, but which can also be used as a general process dump utility.
Mimikatz: Publicly available credential dumping tool.
Most of these tools are publicly available tools commonly used by offensive security teams, so they may not trigger alarms in organizations.