
ChinmayN asked a question.
We have observed suspicious activity on the Windows Database Servers below where we see that the command "for /f "tokens=1,2 delims=\\" %i in ('whoami') do net localgroup "ora_dba" "%i\%j" /ADD" was executed. We observed use of the 'whoami' command and ad