22 Feb
Phishing continues to be a focal point of initial access for threat actors. This campaign emphasizes the importance of a phishing awareness program and of monitoring processes such as PowerShell and Procdump for potential misuse or abuse. Use of living-off-the-land binaries (LOLBins) can allow attackers to blend in with normal activity. Organizations are advised to employ detections and mitigations for the post-exploitation phase of an attack to weed out misuse of these programs.
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/hydrochasma-asia-medical-shipping-intelligence-gathering

