Securing the Past with Dustin Heywood

<p><a href="https://www.linkedin.com/in/evilmog/?originalSubdomain=ca" rel="noopener noreferrer" target="_blank">Dustin Heywood</a>, Hacker, Researcher, and Senior Leader at IBM, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Dustin provided a live demonstration of cracking NTLM version 1 during his BlueHat presentation, showcasing the process of responding to challenges, using coercion techniques, and ultimately extracting and cracking the NTLM hash. Dustin, Nic, and Wendy discuss checking group policies, auditing every object, ensuring relevant systems, and managing IT assets effectively. They emphasize the importance of IT asset management and recommend quarantining legacy systems with restricted access. </p><p>  </p><p> </p><p><strong>In This Episode You Will Learn</strong>:    </p><p> </p><ul><li>Why security professionals need business skills for effective communication </li><li>Advice for auditing legacy systems with vulnerable protocols  </li><li>Extracting DPAPI keys and decrypting browser session history </li></ul><p> </p><p> </p><p><strong>Some Questions We Ask: </strong>    </p><p> </p><ul><li>How do you manage risk for legacy systems deemed necessary for business? </li><li>Can you discuss some of the outdated protocols in current IT environments? </li><li>What guidance would you offer to IT professionals looking to audit their systems? </li></ul><p><br></p><p> </p><p><strong>Resources:</strong>  </p><p><a href="https://www.linkedin.com/in/evilmog/?originalSubdomain=ca" rel="noopener noreferrer" target="_blank">View Dustin Heywood on LinkedIn</a> </p><p><a href="https://www.linkedin.com/in/wendyzenone/" rel="noopener noreferrer" target="_blank">View Wendy Zenone on LinkedIn</a> </p><p><a href="https://www.linkedin.com/in/nicfill/" rel="noopener noreferrer" target="_blank">View Nic Fillingham on LinkedIn</a> </p><p> </p><p> </p><p><strong>Related Microsoft Podcasts:</strong>  </p><p> </p><ul><li><a href="https://msthreatintelpodcast.com/" rel="noopener noreferrer" target="_blank">Microsoft Threat Intelligence Podcast</a>  </li><li><a href="https://afternooncybertea.com/" rel="noopener noreferrer" target="_blank">Afternoon Cyber Tea with Ann Johnson</a>  </li><li><a href="https://uncoveringhiddenrisks.com/" rel="noopener noreferrer" target="_blank">Uncovering Hidden Risks</a>  </li></ul><p> </p><br><p>Discover and follow other Microsoft podcasts at<a href="https://news.microsoft.com/podcasts/" rel="noopener noreferrer" target="_blank"> microsoft.com/podcasts</a>  </p><br /><hr><p style='color:grey; font-size:0.75em;'> Hosted on Acast. See <a style='color:grey;' target='_blank' rel='noopener noreferrer' href='https://acast.com/privacy'>acast.com/privacy</a> for more information.</p>

The BlueHat Podcast · Microsoft