Hackers Steal NTLMv2 Hashes using Custom Powershell Scripts

A new sophisticated stealing campaign named “Steal-It” has been discovered that exfiltrates NTLMv2 hashes using customized versions of Nishang's Start-CaptureServer PowerShell script.

It is believed that the Steal-It campaign may be attributed to APT28 (aka Fancy Bear) based on its similarities with the APT28 cyber attack.

Fancy Bear is a Russian cyber espionage group that uses zero-day exploits, spear phishing, and malware

Read more

Tags: Spear Phishing, Cyber Attack, exploits, Hashes, PowerShell, and, phishing, Cyber espionage, stealing, hacks, NTLMv2, attack, script, Scripts, APT28

AI News

Fundamental Principles of Langchain in LLM Based Application Development

September 29, 2023 10:30 pm

AI News Roundup: Google Wants Your Website Data for AI Model Training

September 29, 2023 10:24 pm

The CIA is Building its own ChatGPT

September 29, 2023 10:03 pm

CrowdStrike Boosts Israeli Startup Ties With AWS Partnership

September 30, 2023 12:05 am

Faking IDs, bank statements and other documents

September 30, 2023 12:01 am

China Proposes Significant Changes to Cross-Border Transfer Rules

September 29, 2023 11:28 pm

Hitrust Certification

May 2, 2023 8:14 am

What is the best cloud security certification, CCSP, CCSK or CCAK?

April 21, 2023 9:23 pm

The Top 3 Countries With The Best Cyber Warfare Capabilities

April 2, 2023 2:47 pm

Hackers Steal NTLMv2 Hashes using Custom Powershell Scripts

Related Posts

AI News

Fundamental Principles of Langchain in LLM Based Application Development

AI News Roundup: Google Wants Your Website Data for AI Model Training

The CIA is Building its own ChatGPT

Cyber News

CrowdStrike Boosts Israeli Startup Ties With AWS Partnership

China Proposes Significant Changes to Cross-Border Transfer Rules

Blog

Hitrust Certification

Find us on social media

Follow Us