Domain of Thrones: Part II

Nov. 6, 2023, 4:51 p.m. | Joshua Prager

Security Boulevard securityboulevard.com

Written by Nico Shyne & Josh Prager

Introduction Part II

In the first installment of “Domain of Thrones,” we meticulously explored an array of six distinctive domain persistence techniques:

Credential Theft on the Domain Controller (DC)

NTDS Access

DCSync

Golden Ticket

Diamond Ticket

Active Directory Certificate Services (AD CS)

These adversarial methods facilitate an elevated level of access to the targeted domains, thereby challenging the defenders with a considerably strenuous eviction and remediation process.

Our initial post ended …

access active directory adversarial amp array blue team certificate certificate services controller credential credential theft cybersecurity detection engineering diamond diamond ticket directory domain domain controller golden golden ticket infosec introduction josh persistence services techniques theft threat hunting thrones ticket written

Visit resource

More from securityboulevard.com / Security Boulevard

KapeKa Backdoor: Russian Threat Actor Group’s Recent Attacks 3 hours ago | securityboulevard.com

actor advanced persistent threat (apt) attacks backdoor +26

MITRE ATT&CK v15: A Deeper Dive into SaaS Identity Compromise 4 hours ago | securityboulevard.com

adversaries amp att attack +22

RSAC 2024 Innovation Sandbox | RAD Security: New Solutions for Cloud-Native Anomaly Detection and Response 8 hours ago | securityboulevard.com

and response anomaly detection benchmark blog +23

External Penetration Testing: Cost, Tools, Steps, & Checklist 10 hours ago | securityboulevard.com

actions applications assets attacker +28

Continuous Risk Assessments Unify Healthcare Cybersecurity 11 hours ago | securityboulevard.com

advice aim assessments axio +18

How to Build a Phishing Playbook Part 4: Testing and Publishing 12 hours ago | securityboulevard.com

build data devops dynamic +11

Who Is Scattered Spider? 13 hours ago | securityboulevard.com

goal hacker hacker groups hackers +6

USPS Phishing Scams Generate Almost as Much Traffic as the Real Site 14 hours ago | securityboulevard.com

akamai bad bad actors cloud +41

Rubrik Sets Cyber Resiliency Course Following IPO 14 hours ago | securityboulevard.com

attack course cyber cyber resiliance +18

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote

View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote

View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States

View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote

View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh

View on infosec-jobs.com

View more jobs

all InfoSec news

Domain of Thrones: Part II

Introduction Part II

More from securityboulevard.com / Security Boulevard

Jobs in InfoSec / Cybersecurity

SOC 2 Manager, Audit and Certification

Senior Security Engineer

Security Operations Engineer I

IT Security ISSO Specialist (15.10)

Compliance Officer

Security Operations Center (SOC) - AVP