2016-030: Defending Against Mimikatz and Other Memory based Password Attacks
BrakeSec Education Podcast · Bryan Brake
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
In the last few years, security researchers and hacker have found an easy way of gaining access to passwords without the use of dumping the Windows hash table.
When improperly configured, the passwords are stored in memory, often in plain text.
This week, we discuss Mimikatz, and methods by which you can protect your environment by hardening Windows against such attacks.
Links to blogs:
https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
http://blog.gojhonny.com/2015/08/preventing-credcrack-mimikatz-pass-hash.html
https://jimshaver.net/2016/02/14/defending-against-mimikatz/
Praetorian Report on pentests: http://www3.praetorian.com/how-to-dramatically-improve-corporate-IT-security-without-spending-millions-report.html
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-030-Defense_against_Mimikatz.mp3
YouTube: https://www.youtube.com/watch?v=QueSEroKR00
iTunes: https://itunes.apple.com/us/podcast/2016-030-defending-against/id799131292?i=1000373511591&mt=2
#SoundCloud: https://www.soundcloud.com/bryan-brake
Comments, Questions, Feedback: [email protected]
Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast
#Twitter: @brakesec @boettcherpwned @bryanbrake
#Facebook: https://www.facebook.com/BrakeingDownSec/
#Tumblr: http://brakeingdownsecurity.tumblr.com/
#Player.FM : https://player.fm/series/brakeing-down-security-podcast
#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr
#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582