Overview
Explore a comprehensive analysis of credential-based privilege escalation in large-scale network breaches. Delve into the critical role of exposed credentials in transforming single-system access into widespread network compromise. Examine real-world examples, including the Target and Sands Casino breaches, to understand attack methodologies and their impact. Learn about a framework developed to identify and combat credential exposure at scale, focusing on constructing compromise chains to determine maximal access and privileges gained. Discover prevention strategies, including smartcards and authentication policies, and gain insights into tools for both offensive and defensive purposes. Led by Matt Weeks, a seasoned cybersecurity expert, this talk provides valuable knowledge for understanding and mitigating credential-based attacks in complex network environments.
Syllabus
Motivation
Major Breaches
Target Breach
Critical Flaw
How Target blew it
A bottomless budget
Chip and pin update
US Senate report
Summary
Sands Casino
The Attack
Breach Diagram
How do we stop this
What happened
Breaches
Is this a problem
Google Search
Incident Reports
Minicat
Impact of credentials
Scan
Collection
Exploit Failed
Admin Approval Mode
Forced Guest
Special Rights
Remote Desktop
Troubleshooting
If nothing is open
Vulnerability scanners
Sharing a password
Local accounts
Remediation
Prevention
Smartcards
Authentication Policies
Tools
Taught by
Cooper