That too on a Windows Domain Controller. I am happy that they found the Malware but, what was Skype doing on a Domain Controller
.
May be they missed the #2 (Inventory of Authorized and Unauthorized Software) in the SANS top 2o Critical Security Controls.
SNIPPET:
A creative attacker had used a modified version of the old Skype software development kit (SDK) and turned it into a remote-access Trojan to steal corporate data.
The links below has more details:
https://www.networkworld.com/news/2014/030614-skype-malware-279474.html
No comments:
Post a Comment