Why You Need to Detect More Than Pass-the-Hash
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the critical importance of detecting more than just Pass-the-Hash attacks in this 29-minute Black Hat conference talk. Delve into the world of compromised credentials, understanding why they remain a persistent threat in cybersecurity. Learn systematic approaches to prevent credential abuse and discover more efficient detection techniques beyond traditional IoCs. Gain insights from security experts Matt Hathaway and Jeff Myers as they break down the attacker's mindset, discuss various entry points, and demonstrate practical examples using tools like Metasploit. Understand the significance of centralized logging and event analysis in identifying and mitigating credential-based threats across domains.
Syllabus
Intro
Who are we
Agenda
Primer
Pass a Hash
Attacker Mindset
Credentials
One Entry Point
Expanding
How to Detect
Centralized Logging
Event Logs
Example
A logon
Metasploit
Domain Domain User
Conclusion
Questions
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network