Delinea Webinars | Our software features & IT security trends

Identify and Mitigate Risk of Unwanted Privilege Escalation Attacks

Written by Joseph Carson | Apr 10, 2023 8:03:02 PM

Cybercriminals target privileged access on Windows and Linux systems to move around, steal credentials, deploy malware, and cause disruption. Through privilege escalation techniques, attackers leverage their initial foothold on workstations and servers to obtain higher-level Domain Administrator, Local Administrator, and NT Authority/System access.

On Linux, condition-based privilege elevation is typically enabled via the sudo (Super User DO) command for user accounts, but this is a complex process which can be difficult to manage and makes Linux systems particularly vulnerable to privilege escalation attacks. Attackers attempt to abuse sudo misconfigurations to get root access and achieve their goals.

To protect workstations and servers from attack, security professionals must know the latest strategies to identify and mitigate unwanted privilege escalation.

Join Delinea Chief Security Scientist and Advisory CISO Joseph Carson as he leads a discussion and live demonstration of a privilege escalation attack. He’ll walk through several tools hackers use to automatically assess Windows and Linux systems for viable privilege escalation (MITRE ATT&CK TA0004) opportunities:

  • winPEAS, a script that discovers all possible paths for privilege escalation on Windows hosts.
  • Sherlock, which identifies missing patches that enable privilege escalation.
  • linPEAS, is a script that searches for possible paths to escalate privileges on Linux/Unix*/MacOS hosts.
  • And more...

Who should attend this webinar?

  • Secret Server customers
  • IT security
  • PAM experts
  • Delinea customers
  • Director of Information Security
  • People who are new to PAM
  • IT operations: Systems Administrators, Helpdesk Teams, Infrastructure Management, Workstation Management, etc.

What will I learn?

  • Privilege escalation techniques on Windows and Linux.
  • Common techniques that hackers use for privilege escalation, like insecure service permissions, unquoted service paths, weak registry permissions, and sudo misconfigurations.
  • Common attack paths for privileged accounts.

Get answers to these important questions:

  • What are some of the ways to protect against privilege escalation?
  • How can my company harden systems to prevent and prepare for cybersecurity events?
  • What are the different stages of a privilege escalation attack?

What will I receive from attending?

  • Recording of this webinar
  • Privileged escalation whitepaper
  • Free trial of Server PAM
View full post