CISA reports on a recent breach where APT actors used an open-source toolkit called Impacket to gain their foothold and further compromise the network, and also used a custom data exfiltration tool, CovalentStealer, to steal the victim’s sensitive data. CISA discovered activity indicating the use of two Impacket tools: wmiexec.py and smbexec.py. These tools use […]