The targeted company employs this technology to allow employees to download specific policies to their corporate devices, granting them secure access to the Fortinet VPN.
After the initial installation, the attackers began to upload additional payloads to the compromised system, beginning discovery and lateral movement activities such as enumerating network resources.
Collection
[
|
...
]