Browsed by
Tag: pass-the-hash

Attacking Local Account Passwords

Attacking Local Account Passwords

So far in this series, we’ve learned how attackers can target weak domain passwords in Active Directory.  To complete the story, we need to look beyond domain accounts and understand the ways to attack local accounts on Windows servers and desktops.  For this post, we will focus on the most important local account: Administrator.  The Administrator account is built into every Windows operating system and provides full control over the system, including the ability to compromise domain accounts through pass-the-hash…

Read More Read More

Learn How to Defeat Advanced Attacks against Active Directory at Microsoft Ignite 2017

Learn How to Defeat Advanced Attacks against Active Directory at Microsoft Ignite 2017

There’s a lot of news coverage on threats like ransomware, malware, and phishing that are all about punching holes in organizations to grab quick spoils. But what isn’t getting a lot of coverage is the careful, patient planning attackers do once inside your Microsoft Active Directory (AD) environment. They fly under the radar scoping out your domain and amassing privileges so they can spread out, dig in, and access a smorgasbord of sensitive data. These meticulously executed—and ultimately more dangerous…

Read More Read More

How Attackers are Stealing your Credentials with Mimikatz – Insider Threat Podcast #6

How Attackers are Stealing your Credentials with Mimikatz – Insider Threat Podcast #6

In our sixth edition of the Insider Threat Podcast, once again we spoke with our resident white hat hacker, Jeff Warren. Jeff has just finished another in our ongoing blog series about insider attacks on Active Directory (AD). This time, the focus was the Mimikatz toolkit and all the ways it’s being used to exploit weaknesses in AD. You can find out more in the main series of blog posts about Mimikatz attacks as well as supplementary posts covering Skeleton…

Read More Read More

How Attackers are Stealing Your Credentials with Mimikatz

How Attackers are Stealing Your Credentials with Mimikatz

Stealing Credentials with Mimikatz Mimikatz is an open-source tool built to gather and exploit Windows credentials. Since its introduction in 2011 by author Benjamin Delpy, the attacks that Mimikatz is capable of have continued to grow. Also, the ways in which Mimikatz can be packaged and deployed have become even more creative and difficult to detect by security professionals. This has led to Mimikatz recently being tied to some of the most prevalent cyber attacks such as the Petya ransomware….

Read More Read More