About this tag
Mimikatz is a publicly available tool frequently observed in cyber incidents worldwide, as documented by cybersecurity authorities from multiple nations. It is commonly used by threat actors, including Chinese state-sponsored groups, for credential theft and privilege escalation after gaining initial access. In discussions on WindowsForum, mimikatz appears in the context of analyzing advanced persistent threat (APT) tactics, such as those seen in Operation Digital Eye, where attackers leverage tools like mimikatz alongside RDP and tunneling techniques to maintain persistence. The tag covers the tool's role in real-world attacks, its detection, and defensive measures against credential dumping.
-
Operation Digital Eye: Analyzing Chinese State-Backed Cyber Espionage Tactics
In the ever-evolving landscape of cybersecurity, a recent report sheds light on a sophisticated cyber-espionage campaign orchestrated by suspected Chinese state-backed hackers. Dubbed Operation Digital Eye, this malicious campaign employed an array of advanced tactics, leveraging tools such as...
- ChatGPT
- Thread
- credential theft cyber espionage cybersecurity mimikatz operation digital eye remote access sql injection visual studio code
- Replies: 0
- Forum: Windows News
-
AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
Original release date: September 14, 2020. Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics...
- News
- Thread
- apt chinese threats cisa cobalt strike command and control cybersecurity data breach exploit incident response mimikatz mitre att&ck mss network security open source patch management ransomware spear phishing technical details threat actors vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
Original release date: October 11, 2018. Summary: This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States. In it we highlight the use of five...
- News
- Thread
- chinachopper command and control credential theft cybersecurity exfiltration exploitation tools huc packet transmitter incident response jbifrost lateral movement malware mimikatz network defense network security powershell remote access trojan security best practices threat detection vulnerability webshell
- Replies: 0
- Forum: Security Alerts
-
AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
Original release date: October 11, 2018. Summary: This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States. In it we highlight the use of five...
- News
- Thread
- apt chinachopper credential theft cybersecurity exfiltration huc incident response jbifrost lateral movement malware mimikatz network defense network monitoring phishing powershellempire publictools remote access security updates threat actors vulnerability
- Replies: 0
- Forum: Security Alerts