Why You Need to Detect More Than Pass-the-Hash
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the critical importance of detecting more than just Pass-the-Hash attacks in this 29-minute Black Hat conference talk. Delve into the world of compromised credentials, understanding why they remain a persistent threat in cybersecurity. Learn systematic approaches to prevent credential abuse and discover more efficient detection techniques beyond traditional IoCs. Gain insights from security experts Matt Hathaway and Jeff Myers as they break down the attacker's mindset, discuss various entry points, and demonstrate practical examples using tools like Metasploit. Understand the significance of centralized logging and event analysis in identifying and mitigating credential-based threats across domains.
Syllabus
Intro
Who are we
Agenda
Primer
Pass a Hash
Attacker Mindset
Credentials
One Entry Point
Expanding
How to Detect
Centralized Logging
Event Logs
Example
A logon
Metasploit
Domain Domain User
Conclusion
Questions
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube