BHIS Webcast: Attack Tactics 6! Return of the Blue Team
Update: 2019-05-24
Description
Download slides: https://www.activecountermeasures.com/presentations/
2:53 Introduction, password spray toolkit, account lockout, honey accounts, canary tokens, and two factor authorization
12:00 PCI #fixthefuture , two factor authorization, dumping global address lists, mailsniper
20:30 Lateral movement, OWA, VPN, SSH
32:54 Scanning and enumeration, Nmap, SSH Brute Force, "Find Open", LLMNR, LLMNR Responder, and NrlmRelayX
41:25 Gaining access and lateral movement, crackmapexec, how to detect if LLMNR gets turned back on after disabling
47:36 Additional paths, using RITA for detection, internal cobalt strikes, and Endpoint
50:17 Q&A
Originally recorded on May 16th, 2019
Presented by: John Strand, Jordan Drysdale, Kent Ickler
In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!!
2:53 Introduction, password spray toolkit, account lockout, honey accounts, canary tokens, and two factor authorization
12:00 PCI #fixthefuture , two factor authorization, dumping global address lists, mailsniper
20:30 Lateral movement, OWA, VPN, SSH
32:54 Scanning and enumeration, Nmap, SSH Brute Force, "Find Open", LLMNR, LLMNR Responder, and NrlmRelayX
41:25 Gaining access and lateral movement, crackmapexec, how to detect if LLMNR gets turned back on after disabling
47:36 Additional paths, using RITA for detection, internal cobalt strikes, and Endpoint
50:17 Q&A
Originally recorded on May 16th, 2019
Presented by: John Strand, Jordan Drysdale, Kent Ickler
In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!!
Comments
In Channel
Download from Google Play
Download from App Store
United States00:00
00:00
x
