Tags
Malware
Incidents
Campaign targeting exposed FortiGate firewall management interfaces
References
https://www.akamai.com/blog/security-research/2024-redtail-cryptominer-pan-os-cve-exploit
Last edited
Feb 20, 2025 3:29 PM
DCSync is a post-exploitation technique used by attackers to simulate the behavior of a Domain Controller (DC) and extract sensitive data, such as password hashes, from Active Directory (AD). This method is not classified as traditional malware like a cryptominer or rootkit; instead, it's a technique often employed by threat actors who have already gained privileged access within a network.