Skip to content

Cyber Security | Samuel Alonso

About
Books
Global Threats Research
- US
- Russia
- China
- Iran
- North Korea
Disclaimer

analysis, APT, Cyber Defense, Incident response, Uncategorized

Detecting Lateral Movement in APT’S by Japan CERT

Posted by Samuel Alonso on September 23, 2016December 5, 2016

I am not going to add much to this article, I know is not very original but you should go straight into the presentation. It is worth your time if you are looking to understand lateral movement, examples with windows event id’s and Kerberos KDC vulnerability.

https://www.first.org/resources/papers/conf2016/FIRST-2016-105.pdf

Share this:

Twitter
Facebook
Email
LinkedIn
Reddit
Tumblr
WhatsApp
More

Print
Pinterest
Pocket

Like this:

Like Loading...

Related

DFIR Incident Reseponse Japan CERT lateral movement Threat Hunting windows event logs

Post navigation

Previous Post Book: Learn about firewall design, Juniper Networks

Next Post Windows Commands abused by attackers (Japan CERT)

One Comment Add yours

Pingback: Week 38 – 2016 – This Week In 4n6

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

Notify me of new comments via email.

Notify me of new posts via email.

Translate

Follow me on Twitter

Top Posts & Pages

Network Forensics - Traffic Analysis (1)
Network Forensics - Traffic Analysis (2)
How They Rule the World: The 22 Secret Strategies of Global Power
Enterprise Threat Modeling and ATT&CK
Advanced Hunting with RSA Netwitness
Cyber Threat Hunting (1): Intro
Cyber Threat Hunting (3): Hunting in the perimeter
Active Cyber Defence: The need for an active cyber defence model (1)
Bypassing Perimeter Security and Malware Evasion (2)
The evil side of DNS

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 36 other followers

Archives

Archives

Follow on WordPress.com

Category Cloud

analysis APT Book cyber collaboration cyber deception Cyber Defense cyberespionage cyber intelligence cyber operations cyber strategy cyberthreat cyber threat intelligence cyberwar cyber warfare DFIR Digital Forensics forensics general Incident response Intelligence Driven Incident Response malware network forensics Security Analytics SOC Strategic Cyber Threat Intelligence Theat Intelligence Threat Hunting traffic analysis Uncategorized whitepaper

Create a free website or blog at WordPress.com.

Send to Email Address Your Name Your Email Address

Cancel

Post was not sent - check your email addresses!

Email check failed, please try again

Sorry, your blog cannot share posts by email.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

%d bloggers like this: