Backdoors & Breaches: Logon Scripts
Summary
This article from Black Hills Information Security discusses the relevance and techniques of abusing logon scripts. It highlights how attackers can exploit logon scripts, with a featured card from 'Backdoors & Breaches' for this topic.
IFF Assessment
FOE
The article discusses a technique that can be used by attackers to gain unauthorized access or execute malicious code, which is detrimental to defenders.
Defender Context
Defenders should be aware of the potential for logon script abuse as a lateral movement or persistence technique. Monitoring for unusual script modifications, execution, and associated network activity is crucial.