2 matches found
DCShadow
The DCShadow is an attack which tries to modify existing data in the Active Directory by using legitimate API's which are used by domain controllers. This technique can be used in a workstation as a post-domain compromise tactic for establishing domain persistence bypassing most SIEM solutions...
Cody Pierce on the Future of Exploit Development
Mike Mimoso talks to Cody Pierce, director of vulnerability research and prevention with Endgame, at RSA Conference 2017 about how attackers are changing their techniques in the face of mitigations and continuing to base exploits around legitimate APIs and functions to thwart detection. Download:...