October 8th Paula Januszkiewicz has been holding the Breakout session at the 12th edition of #Cybercon. Take a look at the key takeaways and get access to the presentation and tools!
Vulnerabilities in Credentials & How to Fix Them
What are the places where credentials are stored? It is that easy to reveal them? Whenever you enter your password in the password field, there is at least one mechanism remembering it, to use it later for the designed purpose. What is the risk to experience identity theft in the typical infrastructure? Could we rely on the identity in the cloud? Do cached credentials bring any danger? Can we just extract them and crack the password or use the value to do the pass the hash attack? One thing is for sure: Paula and her team made a DPAPI world discovery where they have reverse-engineered this mechanism to tell you right now how it works and if it is safe.
In her presentation, Paula has demonstrated the technology weaknesses in credential security and specific misused actions within the operating system. You will learn the unexpected places your passwords reside, how the password attacks are performed, the typical paths where credentials can be leaked and how to prevent these by implementing various solutions.
P.S. The slides are demo heavy!
>> Scroll down to view slides and tools from Paula’s session and gain even more valuable knowledge <<
About the Australian Cyberconference
The Australian Cyber Conference is providing business leaders with insights and best practices taught by the industry’s top experts through keynotes, panel sessions, and live demonstrations. Attending the conference is enabling you to network with these practitioners to help you better understand and manage current threats, as well as identify and prepare to meet emerging challenges. An interactive format of workshops, plenary sessions and the opportunity to network with expert practitioners in the field of cybersecurity is a must for all organizations in the current business environment.
In 2018 the conference comprised over 2000 individuals across Australia. Delegates range from company directors and managers to lawyers, risk professionals, software architects, and technical security specialists. They come from a broad scope of industries from education to finance, government, healthcare, manufacturing, mining, transportation, and utilities.
Paula’s presentation slides can be found HERE.
If you have any questions please drop us a message via our contact form.