bleepingcomputer.com – Security analysts have observed an affiliate of the LockBit 3.0 ransomware operation abusing a Windows Defender command line tool to decrypt and load Cobalt Strike beacons on the target systems.

Tweeted by @bamitav https://twitter.com/bamitav/status/1554133623376211968