all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

DFSP # 395 - Lateral Movement and Admin Logons

Add to bookmarks
Sept. 12, 2023, 4:02 a.m. |

Digital Forensic Survival Podcast digitalforensicsurvivalpodcast.libsyn.com

This week is on lateral movement detection techniques. Inspecting Domain Admin account logons is a key component to lateral movement triage. Admin accounts are sought after by attackers for their elevated privileges. Evidence is often left behind both on the targeted system and on the domain controller. Both these factors provide protection opportunity through Windows event log analysis. I’ll break down the method....

account accounts admin attackers controller detection domain domain admin domain controller key lateral movement privileges system techniques triage week

Visit resource

More from digitalforensicsurvivalpodcast.libsyn.com / Digital Forensic Survival Podcast

DFSP # 428 - It’s all about that XML 3 days, 18 hours ago | digitalforensicsurvivalpodcast.libsyn.com
artifacts compromise events evidence +9
DFSP # 427 - MOF Balls 1 week, 3 days ago | digitalforensicsurvivalpodcast.libsyn.com
app artifact attackers dfir +11
DFSP # 426 - SSH Forensics: Log Analysis 2 weeks, 3 days ago | digitalforensicsurvivalpodcast.libsyn.com
analysis analyst forensics important +9
DFSP # 425 - SSH Forensics: Host-Based Artifacts 3 weeks, 3 days ago | digitalforensicsurvivalpodcast.libsyn.com
artifacts explained fast forensics +7
DFSP # 424 - SSH Forensics: Understanding Secure Shell 1 month ago | digitalforensicsurvivalpodcast.libsyn.com
access basics communications concepts +18
DFSP # 423 - Guiding Lights: Cyber Investigations Investigation Lifecycle 1 month, 1 week ago | digitalforensicsurvivalpodcast.libsyn.com
aspect clear cyber cyber investigations +18
DFSP # 422 - EVTX Express: Cracking into Windows Logs Like a Pro 1 month, 2 weeks ago | digitalforensicsurvivalpodcast.libsyn.com
access cracking event event logs +17
DFSP # 421 - Memory Lane: Fileless Linux Attacks Unraveled 1 month, 3 weeks ago | digitalforensicsurvivalpodcast.libsyn.com
anonymous attacks data data storage +19
DFSP # 420 - Failing, Stopping and Crashing 1 month, 4 weeks ago | digitalforensicsurvivalpodcast.libsyn.com
event exploitation forensic investigations +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Nestlé | St. Louis, MO, US, 63164
View on infosec-jobs.com

Cybersecurity Analyst

@ Dana Incorporated | Pune, MH, IN, 411057
View on infosec-jobs.com

Sr. Application Security Engineer

@ CyberCube | United States
View on infosec-jobs.com

Linux DevSecOps Administrator (Remote)

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Cyber Security Intern or Co-op

@ Langan | Parsippany, NJ, US, 07054-2172
View on infosec-jobs.com

Security Advocate - Application Security

@ Datadog | New York, USA, Remote
View on infosec-jobs.com
View more jobs