pass-the-hash

wei October 12, 2025 0 Comments

How It Works (Step-by-Step) 🛡️ Why It’s Dangerous 🔐 Mitigation Strategies Defense Layer Action Credential Hygiene Use unique local admin passwords (LAPS), enforce password rotation Memory Protection Enable Credential Guard, isolate LSASS Logging & Detection Monitor for LSASS access, unusual SMB/RDP logins Network Segmentation Limit lateral movement paths, restrict admin access MFA & PAM Use […]

Read MoreRead More

Akira ransomware

wei October 11, 2025 8 Comments

Akira’s VPN-Based Breach Tactics 1. Initial Access via VPN 2. Lateral Movement Post-VPN Access 3. Deployment of Ransomware 🔐 Real-World Example 🛡️ Defense Tips

Read MoreRead More