Microsoft SolarWinds analysis: Attackers hid inside Windows systems by wearing the skins of legit processes

Thorough counter-detection methods laid bare by Redmond

The SolarWinds hackers triggered one of their Cobalt Strike implants in the firm's network through a cunning VBScript that was activated by a routine system process, Microsoft has said.…

from The Register