Once an adversary has found their way into your environment, they will often take advantage of any credentials they grab as a hash or in plain text so they can move to an even better level of access. Although there are numerous ways to accomplish this goal, one of them is to dump credentials from the operating system or software. Even more clever is when they go on to use the valid accounts they have obtained access to log into remote services, move laterally, and explore other avenues to the data they are after.
Clearly, you should know how to detect this kind of activity and mitigate it so attackers can't gain such wide-ranging access.
Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the financially motivated threat group Prophet Spider. Prevent adversaries from accomplishing the tactics of Credential Access and Lateral Movement in your environment today.
