A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Targeted Attacks and the Privileged Pivot - Mark Nafe GrrCON 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Targeted Attacks and the Privileged Pivot
Mark Nafe
GrrCON 2015

Analysis of the latest attacks on large enterprises has determined that one of the most common patterns is the commandeering of privileged accounts to gain access to an intended target, then escalating privileges to move laterally throughout the network to higher value targets. This presentation will examine primary attack vectors, such as privileged accounts and credentials, and provide insight into the code that is launched, including snippets that enable access to more devices (lateral movement). The session will explain common weaknesses in enterprise security defenses and provide advice for remediating and closing these vulnerabilities. The discussion will put recent breaches in context of broader cyber-attack patterns, and provide lessons learned based on attackers, typical timeline of activities.

Back to GrrCON 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast