Notorious crooks broke into a company network in 48 minutes. Here’s how.


Report sheds new light on the tactics allowing attackers to move at breakneck speed.

It created the opportunity for the threat actors—most likely part of a ransomware group known as Black Basta—to contact the affected employees through the Microsoft Teams collaboration platform, pose as IT help desk workers, and offer assistance in warding off the ongoing onslaught. “This low-tech but highly effective method allows threat actors to gain initial access and convince users to grant them control of their machines,” ReliaQuest researcher John Dilgen wrote.

- using DLL side-loading, a technique that first requires identifying a vulnerable app running inside the network
- navigating through a maze of network directories using command-line tools and having the agility and breadth of experience to switch to RDP and PowerShell once SMB failed
- relying solely on the use of legitimate tools such as Quick Assist, Teams, SMB, RDP, and SoftPerfect to avoid detection—a technique defenders call living off the land
- painstaking research and preparation ahead of time, including the acquisition of a previously compromised service account they could access once they had gained initial access

Or read this on ArsTechnica
