Intrusion Prevention



This indicates an attempt to use Mimikatz.
Mimikatz is a tool for stealing Windows password and credentials. It can extract plaintexts passwords, hash, PIN code and kerberos tickets from memory.

Affected Products

Any vulnerable Windows systems


Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems

Recommended Actions

Monitor traffics from that network for any suspicious activity.