Tag
This threat brief details the detection of malicious Windows Management Instrumentation (WMI) event subscriptions, a technique used by attackers for persistence and privilege escalation on Windows systems.