Authentication Attacks: NOTES


Types:

MFA Fatigue Attacks – Social engineering cyber attack that repeatedly sends MFA requests to the user; a spam attack.

Pass-The-Hash Attack – Steal hashed user credentials, then use them to create a new session.

Pass-The-Ticket Attack – Steal Kerberos tickets and use them to move laterally through an organisation's network.

Kerberoasting – Post-compromise attack used for cracking Active Directory service account passwords; the attacker cracks the password hash linked to the compromised account.

Brute Forcing – Attempting many combinations; variants: dictionary, hybrid brute force, dictionary-random.

Credential Stuffing – Attacker has stolen credentials and uses a botnet to target various services.

LDAP Injection – Used for network discovery of files, users and devices, and of user names and passwords; exploits weak or poor input validation.
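
One way to spot the MFA fatigue pattern from the list above in authentication logs, as an added example that is not part of the original notes. The log format, the 5-minute window and the threshold of 3 are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: timestamp, user, event, result (assumed format).
SAMPLE_LOG = """\
2024-05-01T09:00:05Z alice push_sent denied
2024-05-01T09:00:40Z alice push_sent timeout
2024-05-01T09:01:10Z alice push_sent denied
2024-05-01T09:01:45Z alice push_sent timeout
2024-05-01T09:02:15Z alice push_sent approved
2024-05-01T09:03:00Z bob push_sent approved
2024-05-01T11:30:00Z carol push_sent denied
2024-05-01T14:10:00Z carol push_sent approved
"""

WINDOW = timedelta(minutes=5)  # assumed look-back window
THRESHOLD = 3                  # assumed: denied/ignored prompts that make a burst

def parse(line):
    ts, user, _event, result = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, result

def detect_mfa_fatigue(log_text, window=WINDOW, threshold=THRESHOLD):
    """Return (user, severity, timestamp) alerts: 'burst' when `threshold`
    denied/timed-out prompts fall inside `window`, 'approved_after_burst'
    when an approval arrives while such a burst is in progress."""
    recent = defaultdict(deque)  # user -> timestamps of denied/timeout prompts
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, result = parse(line)
        q = recent[user]
        while q and ts - q[0] > window:  # drop prompts older than the window
            q.popleft()
        if result in ("denied", "timeout"):
            q.append(ts)
            if len(q) == threshold:      # alert once, when the burst is reached
                alerts.append((user, "burst", ts))
        elif result == "approved":
            if len(q) >= threshold:      # user may have given in to the spam
                alerts.append((user, "approved_after_burst", ts))
            q.clear()
    return alerts

if __name__ == "__main__":
    for user, severity, ts in detect_mfa_fatigue(SAMPLE_LOG):
        print(ts.isoformat(), user, severity)
```

An approval that follows a burst is the event to triage first, since it is the point at which the prompts may have been accepted just to stop them.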

 
