Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Cybrary

OS Credential Dumping and Remote Services

via Cybrary

Overview

Once an adversary has found their way into your environment, they will often take advantage of any credentials they grab as a hash or in plain text so they can move to an even better level of access. Although there are numerous ways to accomplish this goal, one of them is to dump credentials from the operating system or software. Even more clever is when they go on to use the valid accounts they have obtained access to log into remote services, move laterally, and explore other avenues to the data they are after.

Clearly, you should know how to detect this kind of activity and mitigate it so attackers can't gain such wide-ranging access.

Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the financially motivated threat group Prophet Spider. Prevent adversaries from accomplishing the tactics of Credential Access and Lateral Movement in your environment today.

Syllabus

  • OS Credential Dumping and Remote Services
    • What is OS Credential Dumping?
    • What are Remote Services?
    • Detection, Validation, and Mitigation (Lab)

Taught by

Owen Dubiel and Matthew Mullins

Reviews

Start your review of OS Credential Dumping and Remote Services

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.