Skip to content
Threat Feed

Tag

Seclogon

1 brief RSS
high advisory

Suspicious LSASS Access via Malicious Secondary Logon Service

An attacker abuses the Secondary Logon service (seclogon.dll) to gain unauthorized access to the LSASS process, potentially leaking credentials.

Windows credential-access lsass seclogon
3r 1t