• QOMPLX Knowledge
  • Jun 4, 2021

QOMPLX Knowledge

QOMPLX Knowledge

Information security is complex, but it doesn’t need to be. QOMPLX Knowledge is an on-going blog series that provides vital information and insights about critical cyber security concepts, including common malicious behavior and attacks that QOMPLX analysts encounter in their customer engagements. QOMPLX Knowledge blog posts explain key information security concepts in plain language. They also explore the information security trends that drive malicious campaigns, providing useful information on threat detection and incident response.

See below for a links to articles in this ongoing series.

  1. Golden Ticket Attacks Explained
  2. Silver Ticket Attacks Explained
  3. Responding to a Golden Ticket Attack
  4. DCSync Attacks Explained
  5. DCShadow Attacks Explained
  6. Pass-the-Ticket Attacks Explained
  7. Kerberoasting Attacks Explained
  8. Responding to a Silver Ticket Attack
  9. Kerberos Delegation Attacks Explained
  10. 10 Active Directory Health Checks You Should Know
  11. NTLM Relay Attacks Explained
  12. Understanding Pass The Hash Attacks
  13. Understanding OverPass The Hash Attacks
  14. 5 Ways Attackers Bypass Microsoft Azure ATP
  15. What Are AS-REP Roasting Attacks?
  16. Detecting Lateral Movement Using Windows Event Logs
  17. 9 Reasons To Consolidate Active Directory

You might also be interested in

Lessons from the Medibank breach

Lessons from the Medibank breach

Ming Fu, a member of the Americas Pre-Sales Engineering Team at QOMPLX, looks at the much publicized Medibank breach in Australia last year, and draws a few much needed lessons based on the published findings of this breach.

Read more
IcedID Malware Gaining Prominence by Adding Identity Attack Chains

IcedID Malware Gaining Prominence by Adding Identity Attack Chains

Brian Freedman, WW Director of Solution Architecture highlights how identity controls are necessary tools, along with EDR, to combat evolving malware threats that have been expanding to include identity compromise as a primary objective in their attack strategies.

Read more
QOMPLX Knowledge: OverPass The Hash Attacks

QOMPLX Knowledge: OverPass The Hash Attacks

OverPass The Hash (OPtH) is a form of credential theft- and reuse attack that is one of the most common methods of lateral movement within compromised IT environments.

Read more
Request a Demo

Interested in learning more?

Subscribe today to stay informed and get regular updates from QOMPLX.