Stealing Domain Admin or How I Learned to Stop Worrying and Love the CSSF

Learn how to protect against domain admin theft and enhance cybersecurity measures in this 47-minute conference talk from GrrCON 2017. Explore the 8-step process of password spraying, remote admin tools, and hash attacks. Gain insights into defense-in-depth strategies, social engineering tactics, and the importance of identity management tools. Discover practical approaches for small businesses and understand the significance of documented system hardening processes. Delve into open-source intelligence gathering techniques and engage in an open, honest conversation about cybersecurity challenges. Acquire valuable knowledge to strengthen your organization's security posture and mitigate potential threats.

Intro
How do we get ahead
Data breach announcements
Defense in depth
Social engineering
The 8step process
Password spraying
Remote admin tools
Impact
Identity Management Tools
Hash Attack
Small Business Perspective
The Tech Even Thinks
Oversimplifying the Process
Do you follow documented system hardening processes
Answer yes to everything in this list
Step 1 Gathering Open Source Intelligence
Have an Open Honest Conversation
Looking Ahead
The Tool
Conclusion