«
|
Come meet Randy in Orland... »
How to Detect Pass-the-Hash Attacks Blog Series
Wed, 13 Feb 2019 13:41:32 GMT
Jeff Warren really knows AD security and the Windows
Security Log. He brings me a lot of good ideas and tips for enhancing my
Security Log Encyclopedia. He also really stays up-to-date on the latest
cyber attack techniques and thinks about how to detect them with the Security
Log, Sysmon and other logs in the AD/Windows environment. Check out his
latest blog post on detecting pass-the-hash with Windows event logs here: https://blog.stealthbits.com/how-to-detect-pass-the-hash-attacks/
This is the first in a three part series so stay tuned for the rest.
email this
•
digg
•
reddit
•
dzone
comments (0)
•
references (0)
Related:
5 Indicators of Endpoint Evil
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
Severing the Horizontal Kill Chain: The Role of Micro-Segmentation in Your Virtualization Infrastructure
Anatomy of a Hack Disrupted: How one of SIEM’s out-of-the-box rules caught an intrusion and beyond
Comments disabled
powered by Bloget™