Security, et al

Randy's Blog on Infosec and Other Stuff

«  Active Directory security... | Come meet Randy in Orland... »

How to Detect Pass-the-Hash Attacks Blog Series

Wed, 13 Feb 2019 13:41:32 GMT

Jeff Warren really knows AD security and the Windows Security Log.  He brings me a lot of good ideas and tips for enhancing my Security Log Encyclopedia.  He also really stays up-to-date on the latest cyber attack techniques and thinks about how to detect them with the Security Log, Sysmon and other logs in the AD/Windows environment.  Check out his latest blog post on detecting pass-the-hash with Windows event logs here: https://blog.stealthbits.com/how-to-detect-pass-the-hash-attacks/

This is the first in a three part series so stay tuned for the rest.

email this digg reddit dzone
comments (0)references (0)

Related:
5 Indicators of Endpoint Evil
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
Severing the Horizontal Kill Chain: The Role of Micro-Segmentation in Your Virtualization Infrastructure
Anatomy of a Hack Disrupted: How one of SIEM’s out-of-the-box rules caught an intrusion and beyond

Comments disabled

powered by Bloget™

Search


Categories
Recent Blogs
Archive


 

Additional Resources