Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
ioc.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
INDICATORS OF COMPROMISE (IOC) InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

Administered by:

Server stats:

1.6K
active users

ioc.exchange: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.4

Just Another Blue Teamer

Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as . They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like , , and , they also rely on abusing , or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using , , or to download tools, and accessing process memory and Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but it provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and !

Attack Chain (From source)
#CyberSecurity#ITSecurity#InfoSec
Sep 02, 2023, 01:33 PM·Public·Web
3boosts·4favorites
ExploreLive feeds
About