China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware
LongNosedGoblin uses Group Policy and cloud services for C2 to deploy custom C# malware, conducting cyber espionage against Southeast Asian and Japanese government entities.
Emergency Windows update solves Active Directory problem
"We have identified an issue where audit logon/logoff events in the local policy of Active Directory Group Policy may not appear as enabled, even if they are enabled and expected to work."