Hide Your RDP: Password Spray Leads to RansomHub Deployment
Key Takeaways Initial access was via a password spray attack against an exposed RDP server, targeting numerous accounts over a four-hour period. Mimikatz and Nirsoft were used to harvest credential…