Credentials Harvesting from Domain Shares

Written by: Vikram Navali, Senior Technical Product Manager – Credentials Harvesting is an attack technique adversaries employ after establishing a foothold inside an organization. The technique is to harvest or amass numerous credentials (username/password combinations) for reuse. It helps adversaries move internally to higher-value assets while gaining access to protected data and applications. Such lateral movements are difficult to detect with standard security controls because they are legitimate user account activity seen in the enterprise.