Actor

FIN7

1 brief RSS

Also known as: Carbon Spider Sangria Tempest

Non-Chrome Process Accessing Chrome Default Directory

Detection of non-Chrome processes accessing the Chrome user data directory, potentially indicating credential theft or data exfiltration attempts by malware such as RATs or APT groups.

Splunk Enterprise +2 FIN7 +2 credential-access threat-type windows

2r 1t Jan 3, 2024