wilbursecurity.com
Defender Quarantines Lsass Dumps
An attacker logs in to my RDP honeypot, launches Advanced Port Scanner, attempts to run a Meterpreter shell and then dumps Lsass using procdump. The attacker stumbles along the way and does not accomplish their mission. See the timeline, details, summary and IOCs below.