We have a new security video resource called the Targeted Attacks Video Series on Advanced Persistent Threats (APTs), or what we at Microsoft call Targeted Attacks by Determined Human Adversaries. These five short informational videos summarizes three security whitepapers, Determined Adversaries and Targeted Attacks, Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques, and Best Practices for Securing Active Directory. The five short videos are:
- Introduction to Determined Adversaries and Targeted Attacks: Tim Rains, Director, Microsoft Trustworthy Computing, provides background information on these types of attacks and set the context for the rest of the video series.
- Mitigating Pass-the-Hash Attacks: Patrick Jungles, Security Program Manager, Trustworthy Computing, explains what a Pass-the-Hash attack is and some tested mitigations to help manage the risk associated with credential theft attacks.
- Anatomy of a Cyber-attack Part 1: Sean Finnegan, CTO of the Microsoft Consulting Services Cybersecurity Practice, walks through a typical targeted attack, step by step, describing how attackers perpetrate these attacks.
- Anatomy of a Cyber-attack Part 2: Sean Finnegan finishes his briefing on how determined adversaries commit targeted attacks.
- Importance of Securing Active Directory: Bret Arsenault, Microsoft CISO, discusses the importance of protecting your Active Directory in the context of target attacks.
To learn more, I recommend you read the blog post on Targeted Attacks Video Series, written by Tim Rains, that summarizes the video series and the whitepapers. I encourage you to view the series and share it with any of your peers you may think would benefit.
—————————-
[horribly plagiarized from my coworker, Mark McReynolds, who’s incidentally probably lifted a few blog pages here and there from me anyway so I’m feeling a guilty but not too guilty]
Kurt Shintaku's Blog 