The National Security Agency has published in march 2 new documents about security.
The first one is titled "Spotting the Adversary with Windows Event Log Monitoring".
This white paper provides an introduction to collecting important Windows workstation event logs and storing them in a central location for easier searching and monitoring of network health using the built-in tools already available in the Microsoft Windows operating system.
The first document is available here : Spotting the Adversary with Windows Event Log Monitoring
The second one is titled "Reducing the Effectiveness of Pass-the-Hash"
In December 2012, Microsoft released a whitepaper which discusses PtH in-depth (available here : Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques ), identifies numerous risk factors that make an organization highly vulnerable to PtH, and describes several mitigations. The purpose of this document is to expand on the ideas presented in the Microsoft's white paper and to provide guidance.
The second document is available here : Reducing the Effectiveness of Pass-the-Hash
Aucun commentaire:
Enregistrer un commentaire