New: 2026 Gartner® Market Guide for Adversarial Exposure Validation
Learn More
Cymulate named a Customers' Choice in 2025 Gartner® Peer Insights™
Learn More
New Research: The Security Tradeoffs Behind AI Tooling
Learn More
An Inside Look at the Technology Behind Cymulate
Learn More
Book a Demo
Book a Demo

BumbleBee Used To Drop A Meterpreter Agent

November 15, 2022

The intrusion began with the delivery of an ISO file that contained an LNK and a DLL. The threat actors leveraged BumbleBee to load a Meterpreter agent and Cobalt Strike Beacons. They then performed reconnaissance, used two different UAC bypass techniques, dumped credentials, escalated privileges using a ZeroLogon exploit, and moved laterally through the environment.

Featured Resources

View More Resources
image
blog

MITRE ATT&CK v19 Unpacked: What Changed and How to Operationalize 

MITRE ATT&CK v19 introduces major changes that reshape how organizations understand and validate adversary behavior, including retiring the Defense Evasion tactic and introducing Stealth and Defense Impairment tactics.

Read More
CymuLab Live: A Hands-On Lab
Cymulate Event

CymuLab Live: A Hands-On Lab

Read More
CymuLab Live: A Hands-On Lab
Cymulate Event

CymuLab Live: A Hands-On Lab

Read More