Attackers Exploit ManageEngine Flaw to Steal Sensitive Data

“KdcSponge will capture the domain name, username and password to a file on the system that the threat actor would then exfiltrate manually through existing access to the server.”

In a smaller subset of attacks, researchers also observed a modified version of a backdoor called…

Source: duo.com – Read more