Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes
March 5, 2024 at 05:46AM TA577 threat actor employs ZIP archive attachments in phishing emails to obtain NTLM hashes, facilitating sensitive info gathering and follow-on activities. Delivery of the phishing waves on Feb 26 and 27, 2024, targeted hundreds of global organizations through thread hijacking technique. The actor aims to capture NTLMv2 Challenge/Response pairs for … Read more