2016-030: Defending Against Mimikatz and Other Memory based Password Attacks

In the last few years, security researchers and hacker have found an easy way of gaining access to passwords without the use of dumping the Windows hash table. When improperly configured, the passwords are stored in memory, often in plain text.   This week, we discuss Mimikatz, and methods by which you can protect your environment by hardening Windows against such attacks.   Links to blogs: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft http://blog.gojhonny.com/2015/08/preventing-credcrack-mimikatz-pass-hash.html https://jimshaver.net/2016/02/14/defending-against-mimikatz/  Praetorian Report on pentests: http://www3.praetorian.com/how-to-dramatically-improve-corporate-IT-security-without-spending-millions-report.html Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-030-Defense_against_Mimikatz.mp3 YouTube: iTunes:  #SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Facebook: https://www.facebook.com/BrakeingDownSec/ #Tumblr: http://brakeingdownsecurity.tumblr.com/ #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582    

Видео 2016-030: Defending Against Mimikatz and Other Memory based Password Attacks автора Волшебные практики