In one attack observed by Symantec, LockBit was seen identifying domain-related information, creating a Group Policy for lateral movement, and executing a command on all systems within the same domain to forcefully update group policy.
Support the originator by clicking the read the rest link below.