A sophisticated threat actor leveraging artificial intelligence technologies to automate Active Directory (AD) reconnaissance and systematically bypass endpoint detection and response (EDR) evasion techniques. The activity was first flagged when an anomalous endpoint registered within a customer tenant generated alerts for payloads originating from C:\Users\User\Documents\test. Investigation of that directory revealed a comprehensive post-exploitation framework built around […]
The post Hackers Use AI-Generated Tools to Automate AD Attacks, EDR Evasion appeared first on Cyber Security News.