By altering the calling threads process ID and extending the exploitation window with file locks, an attacker can trick Seclogon into creating privileged LSASS handles for memory dumping

https://otter.gitbook.io/red-teaming/articles/windows-of-opportunity-exploiting-race-conditions-in-seclogon-to-dump-lsass

#infosec #cybersecurity #redteam #pentest #windows