Technique T1003

OS Credential Dumping

Another mainstay of Threat Detection Reports past, OS Credential Dumping lingers in our top five because adversaries frequently abuse LSASS memory to steal credentials.

Technique rank: #4
Organizations affected: 18.3%
Confirmed threats: 1871

T1003.001
LSASS Memory

Sub-technique rank: #6
Organizations affected: 13.3
Confirmed threats: 746

Thanks to the amount of sensitive information it stores in memory, LSASS is a juicy target for adversaries seeking to elevate their privilege level, steal data, or move laterally.
