Lumidus

Ransom all the company's machines using the domain controller

All scenarios

Scenario overview

A threat actor is going to ransom an entire company infrastructure. They first compromise a user workstation via phishing, then exploit the Zerologon vulnerability to get a privileged access to the domain controller. A good place to launch the final stage!

Labs and Scenarios

M&NTIS Platform, based on Adversary Emulation and Cyber Range technologies, automatically executes attack scenarios within labs. These scenarios reproduce realistic killchains and intrusion sets.

Interactive labs

M&NTIS users can observe – in real time – the progress of the attacker within the lab and can interact with the environment to better understand all attack step effects.

Integrated defense

Labs can be interconnected with defense products, such as network probes, EDRs, or SIEM/XDRs. This allows a SOC to easily receive telemetry data and alerts produced by a running lab.

Realistic trainings

Attack scenarios can be exploited in cyber training where SOC and CERT analysts are faced with realistic attack scenarios. This allows them to challenge their operational efficiency.