Local Accounts

Cybrary
Course
COMING SOON

Organizations that do not enforce strong password policies and audit privileged account management can fall victim to attackers who leverage access to local accounts. With it, they can gain initial access, persistence, privilege escalation, or defense evasion. Learn how to detect and prevent this type of activity in this dynamic lab-based course.

Time
50 minutes
Difficulty
Intermediate
CEU/CPE
1
Share
NEED TO TRAIN YOUR TEAM? LEARN MORE
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

Course Description

With access to a local administrator or service account, an attacker can do a lot of damage. Adversaries who abuse this type of account can do things like access remote services, carry out administrative functions, or elevate privileges. They can also perform OS credential dumping. Threat actor FIN10 has been known to move throughout a system using a local administrator account.

While the mitigation strategies for this technique seem obvious, it’s important to know about effective strong password policies and how to audit your local account management, as well as how to detect suspicious activity related to local accounts.

Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the financially motivated threat group FIN10. Prevent adversaries from accomplishing the tactics of Defense Evasion, Persistence, Privilege Escalation, and Initial Access in your environment today.

Instructed By
Matthew Mullins
Matthew Mullins
Technical Manager, Red Team
Instructor
Owen Dubiel
Owen Dubiel
Security Practitioner
Instructor
Provider
Cybrary
Certificate of Completion
Certificate Of Completion

Complete this entire course to earn a Local Accounts Certificate of Completion

Domains