13 - Cybercrime – Credential Theft – Part 2/4
No se pudo agregar al carrito
Add to Cart failed.
Error al Agregar a Lista de Deseos.
Error al eliminar de la lista de deseos.
Error al añadir a tu biblioteca
Error al seguir el podcast
Error al dejar de seguir el podcast
13 - Cybercrime – Credential Theft – Part 2/4
-
Narrado por:
-
De:
Nothing introduces more complexity to an organization than access control as with access comes privileges. Privileges are needed for many activities within an organization. Couple the need for privileges with the complexity organizational structures and the usual personnel churn and an already complex problem becomes nearly unmanageable. Attackers target credentials for this very reason.
Compromising an end-user with no privileges may seem trivial and unlikely to cause harm. However, as we discuss in this episode, if a privileged user logged in on that end-user’s machine, their privileged credentials are now comprised, allowing the attackers to exploit other parts of the organization’s network. While the problem can reach a place of being unmanageable, there are methods and solutions available to tackle this problem.
Links:
- Enterprise Access Model
- Credential Harvesting and Mitigations (PDF)
- Point of Entry: Why Hackers Target Stolen Credentials for Initial Access
- The Growing Threat from Infostealers