Domain of Thrones: Part II

Nov. 6, 2023, 5 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Written by Nico Shyne & Josh Prager

Introduction Part II

In the first installment of “Domain of Thrones,” we meticulously explored an array of six distinctive domain persistence techniques:

Credential Theft on the Domain Controller (DC)

NTDS Access

DCSync

Golden Ticket

Diamond Ticket

Active Directory Certificate Services (AD CS)

These adversarial methods facilitate an elevated level of access to the targeted domains, thereby challenging the defenders with a considerably strenuous eviction and remediation process.

Our initial post ended …

access active directory adversarial amp array certificate certificate services controller credential credential theft diamond diamond ticket directory domain domain controller golden golden ticket josh persistence services techniques theft thrones ticket written

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Update: file-magic.py Version 0.0.8 4 hours ago | malware.news

article didier didier stevens file +11

Ticketmaster confirms customer data breach 7 hours ago | malware.news

breach cloud cloud database customer +18

What the Biggest-Ever Botnet Takedown Means 1 day, 4 hours ago | malware.news

botnet distribution financial industrial +5

Okta Cross-origin Authentication Feature in Customer Identity Cloud Targeted in Credential Stuffing Attacks 1 day, 6 hours ago | malware.news

access attacks authentication cloud +22

OpenAI report reveals threat actors using ChatGPT in influence operations 1 day, 6 hours ago | malware.news

article campaigns chatgpt disruption +12

Fake Bahrain Government Android App Steals Personal Data Used for Financial Fraud 1 day, 6 hours ago | malware.news

android android app app bahrain +17

Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins 1 day, 7 hours ago | malware.news

article attacks bugs fastly +11

Senator Calls for FTC, SEC Probe Into UnitedHealth’s ‘Negligence’ in Breach 1 day, 8 hours ago | malware.news

article attack board breach +17

Vulnerability impacting Check Point Network Security Gateways (CVE-2024-24919) 1 day, 8 hours ago | malware.news

article canadian canadian centre for cyber security check +14

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com

all InfoSec news

Domain of Thrones: Part II

Introduction Part II

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Jobs in InfoSec / Cybersecurity

CyberSOC Technical Lead

Cyber Security Strategy Consultant

Cyber Security Senior Consultant

Sr. Product Manager

Corporate Intern - Information Security (Year Round)

Senior Offensive Security Engineer