Why You Need to Detect More Than Pass-the-Hash
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the critical importance of detecting more than just Pass-the-Hash attacks in this 29-minute Black Hat conference talk. Delve into the world of compromised credentials, understanding why they remain a persistent threat in cybersecurity. Learn systematic approaches to prevent credential abuse and discover more efficient detection techniques beyond traditional IoCs. Gain insights from security experts Matt Hathaway and Jeff Myers as they break down the attacker's mindset, discuss various entry points, and demonstrate practical examples using tools like Metasploit. Understand the significance of centralized logging and event analysis in identifying and mitigating credential-based threats across domains.
Syllabus
Intro
Who are we
Agenda
Primer
Pass a Hash
Attacker Mindset
Credentials
One Entry Point
Expanding
How to Detect
Centralized Logging
Event Logs
Example
A logon
Metasploit
Domain Domain User
Conclusion
Questions
Taught by
Black Hat
Related Courses
Windows Server 2016 Security FeaturesMicrosoft via edX Detecting and Mitigating Cyber Threats and Attacks
University of Colorado System via Coursera Threat Detection: Planning for a Secure Enterprise
Microsoft via edX Microsoft Professional Capstone : Cybersecurity
Microsoft via edX Cyber Security Operations (Cisco CCNA)
The Open University via FutureLearn