Wednesday, October 27, 2021

Hunting for Lateral Movement: Local Accounts


I’ve explained How to build a Custom UEBA with KQL to Hunt for Lateral Movement in Microsoft 365 Defender in my previous post. The solution covers domain accounts. In this post, I’ll cover Lateral Movement involving local accounts.

Usually, there are a few local accounts in an enterprise. These accounts often have high privileges on many systems. Compromising one account opens all the doors if the password of each local account is the same. Password managemen…
