Title: Anomaly detection in certificate-based TGT requests

Published:  Fri, 28 Jul 2023 10:00:16 +0000

Description: I identified several signs of attacks that use forged certificates inside the network and developed a Proof-of-Concept utility capable of finding artifacts in AD, as well as a number of detection logic rules that can be added to SIEM.

Source: SECURELIST.COM