LockBit Ransomware Abuses Windows Defender for Payload Loading
A LockBit ransomware operator or affiliate has been abusing Windows Defender to decrypt and load Cobalt Strike payloads during attacks, according to endpoint security firm SentinelOne.
A LockBit ransomware operator or affiliate has been abusing Windows Defender to decrypt and load Cobalt Strike payloads during attacks, according to endpoint security firm SentinelOne.