all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Splunk SPL Queries for Detecting gMSA Attacks

Add to bookmarks
May 20, 2022, 2:41 p.m. | Nathan Noll

TrustedSec www.trustedsec.com

1    Introduction What is a group Managed Service Account (gMSA)? If your job is to break into networks, a gMSA can be a prime target for a path to escalate privileges, perform credential access, move laterally or even persist in a domain via a ‘golden’ opportunity. If you’re an enterprise defender, it’s something you need...


The post Splunk SPL Queries for Detecting gMSA Attacks appeared first on TrustedSec.

active directory security review attacks incident response incident response & forensics penetration testing program assessment & compliance security testing & analysis splunk threat hunting

Visit resource

More from www.trustedsec.com / TrustedSec

Loading DLLs Reflections 1 day, 11 hours ago | www.trustedsec.com
back dll hollowing malware +4
PCI DSS Vulnerability Management: The Most Misunderstood Requirement – Part 3 1 week, 1 day ago | www.trustedsec.com
dss identification management pci +5
PCI DSS Vulnerability Management: The Most Misunderstood Requirement – Part 2 1 week, 3 days ago | www.trustedsec.com
dss identification management pci +6
PCI DSS Vulnerability Management: The Most Misunderstood Requirement – Part 1 2 weeks, 1 day ago | www.trustedsec.com
dss identification management pci +4
A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum 2 weeks, 3 days ago | www.trustedsec.com
active directory attributes blog detections +7
Observations From Business Email Compromise (BEC) Attacks 3 weeks, 1 day ago | www.trustedsec.com
attacks bec business business email compromise +7
From Chaos to Clarity: Organizing Data With Structured Formats 1 month ago | www.trustedsec.com
bonus chaos clarity data +6
Securing Sensitive Data: How Ransomware Challenges the Healthcare Industry 1 month ago | www.trustedsec.com
attacks blog blog post can +15
From Error to Entry: Cracking the Code of Password-Spraying Tools 1 month, 1 week ago | www.trustedsec.com
authors blog blog post code +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Compliance Architect - Experian Health (Can be REMOTE from anywhere in the US)

@ Experian | ., ., United States
View on infosec-jobs.com

IT Security Specialist

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Senior, Cyber Security Analyst

@ Peloton | New York City
View on infosec-jobs.com

Cyber Security Engineer | Perimeter | Firewall

@ Garmin Cluj | Cluj-Napoca, Cluj County, Romania
View on infosec-jobs.com

Pentester / Ethical Hacker Web/API - Vast/Freelance

@ Resillion | Brussels, Belgium
View on infosec-jobs.com
View more jobs