Discover what a Primary Refresh Token is and how cyber-criminals are exploiting it in two different ways to launch Azure Active Directory attacks.
Like an NT hash (AKA NTLM hash) and a Kerberos ticket, a Primary Refresh Token (PRT) can be passed in an attack. Mimikatz author Benjamin Delpy and Dirk-jan Mollema have both released detailed research and code showing how attackers could Pass-the-PRT to perform the lateral movement to the cloud.
Here we take a brief look at what a PRT is and how cyber-criminals could exploit it to launch attacks.
Join us LIVE from 6PM CET on Nov. 23, 2021 for our biggest ever annual cybersecurity webinar feat. Sami Laiho, Michael Grafnetter & Paula Januszkiewicz.
Take this chance to grow your skills in Azure AD security, digital forensics, shadow credential injection attacks, and Privileged Access Workstations.
Do you want to receive the geekiest cybersecurity solutions, tools, and tricks, straight to your inbox?
Learn more about our offer in terms of Consulting. Our Cybersecurity Experts perform consulting work on a daily basis, hence we are fully prepared for any challenge.
Learn more about our offer in terms of Consulting. Our Cybersecurity Experts perform consulting work on a daily basis, hence we are fully prepared for any challenge.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
