Mitigating Credential Dumping on Windows Clients

07/9/21

Credential dumping from compromised Windows clients allows the attacker to perform lateral movement and gain control even after more sensitive hosts and eventually compromise the domain controller.

Mitigating-Credential-Dumping-on-Windows_purple

Mitigating various types of credential dumping on Windows is not easy. Not every permission that is abused by various post-exploitation tools can be safely removed and even the latest virtualization-based features in Windows 10 cannot protect all credentials.

In this paper we will look at most abused techniques, as well as their detection and mitigation.

Download Mitigating Credential Dumping on Windows Clients

Related Resources

Case Study cyber cybersecurity LockBit ransomware Whitepaper

A Detailed Analysis of the LockBit Ransomware

LockBit 2.0 ransomware is one of the most active families in the wild and pretends to implement the fastest encryption...

Case Study cybersecurity Grief Ransomware Whitepaper

A Deep Dive into The Grief Ransomware’s Capabilities

Grief ransomware is the successor of the DoppelPaymer ransomware, which emerged from the BitPaymer ransomware. Grief is deployed in an...

.CONTI cybersecurity ransomware Whitepaper

A Detailed Analysis of The Last Version of Conti Ransomware

Conti ransomware has been sold as a RaaS (Ransomware as a Service) in underground forums and it’s usually deployed by other...

Related Posts

Share this: