CIP Cyber

Log In
Menu
Log In
  • Opinion
  • Product Reviews
  • Industrial Cybersecurity
  • Videos

You Guys don’t Get the Process to Exploit Microsoft Kerberos

Table of Contents

As MIT explains that: “Kerberos is a
network authentication protocol. It is designed to provide strong
authentication for client/server applications by using secret-key
cryptography.” Kerberos builds on symmetric key cryptography and
requires a trusted third party, and optionally may use public-key
cryptography during certain phases of authentication.Kerberos uses
UDP port 88 by default.
Microsoft Active Directory uses
Kerberos to handle authentication requests by default. However, if
the domain is compromised, how bad can it really be? With the loss of
the right hash, Kerberos can be completely compromised for years
after the attacker gained access. Yes, it really is that bad.

In
this presentation Skip Duckwall, @passingthehash on twitter and
Benjamin Delpy, @gentilkiwi on twitter and the author of Mimikatz,
will demonstrate just how thoroughly compromised Kerberos can be
under real world conditions.

Prepare to have all your
assumptions about Kerberos challenged!

CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Opinion

Password Cyberattack: Everything You Need to Know

November 7, 2023

Industrial Cybersecurity

Cybersecurity Awareness Month: Spotlight on ICS/OT Security

September 28, 2023

Opinion

How to Protect IoT Devices in Critical Infrastructure Networks

September 15, 2023

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training

Related Articles

Do Hackers Really use Metasploit? NO!

Undoubtedly, Metasploit is one of the most organized, well-developed tools in the pen-testers toolbox. But, do hackers use it? Some of them, but not the

December 20, 2020

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training