[SANS ISC] Administrator’s Password Bad Practice

I published the following diary on isc.sans.org: “Administrator’s Password Bad Practice“:

Just a quick reminder about some bad practices while handling Windows Administrator credentials. I’m constantly changing my hunting filters on VT. A few days ago, I started to search for files/scripts that use the Microsoft SysInternals tool psexec. For system administrators, this a great tool to execute programs on remote systems but it is also used by attackers to pivot internally. This morning, my filter returned an interesting file with a VT score of 11/66. The file is a compiled AutoIT script… [Read more]

[The post [SANS ISC] Administrator’s Password Bad Practice has been first published on /dev/random]

Article Link: https://blog.rootshell.be/2018/03/20/sans-isc-administrators-password-bad-practice/