Explore a Black Hat conference talk on defeating Pass-the-Hash attacks through separation of powers in Windows 10. Delve into the critical issue of symmetric credential reuse in system breaches and learn how Windows 10 implements strong isolation of sensitive artifacts to thwart these attacks. Examine the challenges of securing legacy protocols like Kerberos and NTLM while maintaining business functionality. Discover how virtualization technology enables a new level of OS isolation, sequestering hashes, keys, and other secrets in protected physical memory. Gain insights into Windows 10's approach to guaranteeing secret isolation, its implications beyond client security, and the feasibility of achieving this without major protocol revisions. Enhance your understanding of advanced cybersecurity measures in this 48-minute presentation by Seth Moore and Baris Saydag.
Overview
Syllabus
Defeating Pass-the-Hash: Separation Of Powers
Taught by
Black Hat
Related Courses
-
Pass the Hash and Other Credential Theft - Reuse - Mitigating Risk
-
Pass the Hash 2 - The Admin's Revenge
-
Detecting Access Token Manipulation
-
Why You Need to Detect More Than Pass-the-Hash
-
Still Passing the Hash 15 Years Later - Using Keys to the Kingdom to Access Data
-
Windows Red Team Credential Access Techniques - Mimikatz & WCE
