YoVDO

Top Active Directory Attacks - Understand, then Prevent and Detect

Offered By: RSA Conference via YouTube

Tags

RSA Conference Courses Cybersecurity Courses Ransomware Courses Active Directory Security Courses Credential Stuffing Courses

Course Description

Overview

Explore the most prevalent and potent Active Directory attacks in this 40-minute RSA Conference talk by Jeff McJunkin, Founder of Rogue Valley Information Security. Gain crucial insights into how hackers exploit enterprise vulnerabilities, and learn effective strategies to prevent and detect these threats. Delve into topics such as the Lockheed Martin Cyberkill Chain, internal access risks, password spraying, credential stuffing, DNS fallback abuse, and Kerberos roasting. Discover practical preventive and detective controls, including password protection measures, printer security, and sensitive file management. Equip yourself with the knowledge to strengthen your organization's Active Directory defenses and stay one step ahead of attackers.

Syllabus

Introduction
Agenda
Different ways of conceptualizing breaches
Lockheed Martin Cyberkill Train trademark
What every attacker or attack needs
Internal access
Why internal access
A 10000 employee company
Twitter breach
Finding the right data
X filtration
Ransomware
High Level Picture
Prevent vs Detect
Safes
Assume Breach
Realistic Threat Model
Password Spraying
Single Factor Authentication
Credential Stuffing
File Sharing
dns fallback abuse
Look printers
Kerberos roasting
What are kerberos
normal flow
analogies
authentication
ticket granting
service ticket
kerberos steam
preventive detective controls
password protection
printers
sensitive files
longterm action
fallback abuse
Jeff


Taught by

RSA Conference

Related Courses

Web App Testing - Enumeration
Cyber Mentor via YouTube
Full Ethical Hacking Course - Beginner Network Penetration Testing
Cyber Mentor via YouTube
Zero to Hero Pentesting - Exploitation, Shells, and Some Credential Stuffing
Cyber Mentor via YouTube
Protecting Accounts from Credential Stuffing with Password Breach Alerting
USENIX via YouTube
The State of Credential Stuffing and the Future of Account Takeovers
OWASP Foundation via YouTube