#domaincontroller β Public Fediverse posts
Live and recent posts from across the Fediverse tagged #domaincontroller, aggregated by home.social.
-
The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy
The Gentlemen ransomware-as-a-service program has rapidly expanded since mid-2025, claiming over 320 victims with 240 attacks occurring in early 2026. The service provides multi-platform lockers for Windows, Linux, NAS, BSD, and ESXi, enabling comprehensive coverage of corporate environments. During an incident response engagement, an affiliate deployed SystemBC proxy malware for covert tunneling and payload delivery. Analysis of the SystemBC command-and-control server revealed a botnet of over 1,570 victims, primarily corporate and organizational targets. The intrusion progressed from domain controller compromise through credential validation, remote execution via administrative shares, and deployment of Cobalt Strike payloads. Attackers disabled defenses, established persistence through scheduled tasks and services, and ultimately deployed ransomware via Group Policy. The operation demonstrates sophisticated lateral movement capabilities, defense evasion techniques, and integration of mature post-exploit...
Pulse ID: 69e63f93a0ddbd53fcab3f51
Pulse Link: https://otx.alienvault.com/pulse/69e63f93a0ddbd53fcab3f51
Pulse Author: AlienVault
Created: 2026-04-20 15:00:35Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CobaltStrike #CyberSecurity #DomainController #InfoSec #Linux #Malware #OTX #OpenThreatExchange #Proxy #RAT #RansomWare #RansomwareAsAService #Troll #Windows #bot #botnet #AlienVault
-
π¦πΆπΊπ½πΉπΆπ³πΆπ²π± π±π²π½πΉπΌππΊπ²π»π ππΆππ΅ ππ²π³π²π»π±π²πΏ π³πΌπΏ ππ±π²π»ππΆππ
"Microsoft Defender for Identity is an essential part of a modern security practice, helping your organization protect against, and respond to, identity-based threats. In this blog we will show you the simple steps for deploying Microsoft Defender for Identity within your environment."
#defenderforidentity #mdi #microsoft #microsoftsecurity #defender #adfs #domaincontroller #activedirectory #itdr #azure #adfs #adcs #deployment