Vendor
medium
advisory
Suspicious Module Loaded by LSASS for Credential Access
2 rules 2 TTPsDetection of unsigned or untrusted DLLs being loaded into the LSASS process, which is indicative of credential access attempts by adversaries aiming to steal sensitive information such as user passwords.
credential-access
lsass
windows
2r
2t
medium
advisory
LSASS Loading Suspicious DLL
2 rules 2 TTPs 9 IOCsDetection of LSASS loading an unsigned or untrusted DLL, which can indicate credential access attempts by malicious actors targeting sensitive information stored in the LSASS process.
Windows
credential-access
lsass
dll-injection
2r
2t
9i