Adversary Tradecraft: A Deep Dive into RID Hijacking and Hidden Users

Detecting RID Hijacking with Graylog

Researchers at AhnLab Security Intelligence Center (ASEC) recently published a report on the Andariel threat group, a DPRK state-sponsored APT active for over a decade. According to the report, the group has been using RID hijacking and user account concealment techniques in its operations to stealthily maintain privileged access to compromised Windows systems. This blog post explores hands-on how […]