A new sophisticated stealing campaign named “Steal-It” has been discovered that exfiltrates NTLMv2 hashes using customized versions of Nishang’s Start-CaptureServer PowerShell script. It is believed that the Steal-It campaign may be attributed to APT28 (aka Fancy Bear) based on its similarities with the APT28 cyber attack. Fancy Bear is a Russian cyber espionage group that […]
The post Hackers Steal NTLMv2 Hashes using Custom Powershell Scripts appeared first on GBHackers – Latest Cyber Security News | Hacker News.
This article has been indexed from GBHackers – Latest Cyber Security News | Hacker News
Read the original article: