all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

DFSP # 399 - Lateral Movement Failed Logon Events

Add to bookmarks
Oct. 10, 2023, 4:59 a.m. |

Digital Forensic Survival Podcast digitalforensicsurvivalpodcast.libsyn.com

Finding and analyzing failed logons sometimes is just as important as finding suspicious, actual logon activity. Like anything, context is important. Old logon records offer an opportunity to identify not only suspicious activity, but perhaps attempted activity by an attacker. A standard move in the attack chain is to compromise an account and use it to move within the breached environment. However, it doesn't always work as planned for the attacker, and you may find failed activity a valid signal …

attack attack chain attacker compromise context events identify important lateral movement logon offer old opportunity records standard

Visit resource

More from digitalforensicsurvivalpodcast.libsyn.com / Digital Forensic Survival Podcast

DFSP # 432 - Control Bits 4 days, 21 hours ago | digitalforensicsurvivalpodcast.libsyn.com
bits connection control devices +9
DFSP # 431 - Finding Needles 1 week, 4 days ago | digitalforensicsurvivalpodcast.libsyn.com
challenges compromise discovery escalation +4
DFSP # 430 - Targeting Tasks 2 weeks, 4 days ago | digitalforensicsurvivalpodcast.libsyn.com
analyst artifacts assessment attackers +10
DFSP # 429 - Career Moves 3 weeks, 4 days ago | digitalforensicsurvivalpodcast.libsyn.com
career course dfir future +9
DFSP # 428 - It’s all about that XML 1 month ago | digitalforensicsurvivalpodcast.libsyn.com
artifacts compromise events evidence +9
DFSP # 427 - MOF Balls 1 month, 1 week ago | digitalforensicsurvivalpodcast.libsyn.com
app artifact attackers dfir +11
DFSP # 426 - SSH Forensics: Log Analysis 1 month, 2 weeks ago | digitalforensicsurvivalpodcast.libsyn.com
analysis analyst forensics important +9
DFSP # 425 - SSH Forensics: Host-Based Artifacts 1 month, 3 weeks ago | digitalforensicsurvivalpodcast.libsyn.com
artifacts explained fast forensics +7
DFSP # 424 - SSH Forensics: Understanding Secure Shell 1 month, 4 weeks ago | digitalforensicsurvivalpodcast.libsyn.com
access basics communications concepts +18

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com