iSECTECH

@isectech.org

1 year ago

Active Directory #Threats
⚠️ Golden Ticket #Attack: #Hackers forge Kerberos #TGTs to gain AD-wide access for months.
🛡️ Defense:
1️⃣ Limit #KRBTGT key lifetime.
2️⃣ Enable auditing on #TGT generation.
3️⃣ Use #EDR to track privilege abuse.
🔗 #ActiveDirectory #CyberDefense

Hunt & Hackett

@huntandhackett.com

1 year ago

In this blog, we welcome the return of the LM hash - which is still in use in specific scenarios even if it is explicitly disabled! - and demo one method of surviving the reset of the #krbtgt service account.

3/🧵