A newly identified threat agent known as Curly COMrades has been noted engaging with organizations in Georgia and Moldova within a cyber espionage initiative aimed at securing prolonged entry to targeted networks.
“They consistently attempted to retrieve the NTDS database from domain controllers — the main storage for user password hashes and authentication information in a Windows environment,”