Analysis of the latest attacks on large enterprises has determined that one of the most common patterns is the commandeering of privileged accounts to gain access to an intended target, then escalating privileges to move laterally throughout the network to higher value targets. This presentation will examine primary attack vectors, such as privileged accounts and credentials, and provide insight into the code that is launched, including snippets that enable access to more devices (lateral movement). The session will explain common weaknesses in enterprise security defenses and provide advice for remediating and closing these vulnerabilities. The discussion will put recent breaches in context of broader cyber-attack patterns, and provide lessons learned based on attackers, typical timeline of activities.

Back to GrrCON 2015 video list