In order to spread the LockBit ransomware threat throughout infected networks, threat actors have been detected targeting server workstations, according to Symantec, a division of Broadcom Software.
LockBit was detected in one attack that Symantec saw locating domain-related data, making a Group Policy for lateral movement, and executing the “gpupdate /force” command on all systems in the same domain, which forces group policy updates. Read More…