Cached Credentials: Important Facts That You Cannot Miss
Why changing your cached credentials to 0 or 1 is… pointless? I will show you how cached logon data works, what is inside, how we're able to overwrite it, and what kind of threat it exposes.
Read moreUser Secrets: How to Get Them Back Using Password Recovery Tools
Cybersecurity professionals know that they could be called on at any time to recover a user secret. For example, if an employee's profile is corrupted or user secrets have to be decrypted offline (e.g. during analysis of the forensic image of the operating system). Find out about some tools capable of decrypting secrets protected using DPAPI and get an outline of how to use them.
Read more
8 Things to Avoid In Azure Active Directory
Azure Active Directory simplifies IT infrastructure management by providing a single place to store information about digital identities. But this convenient Identity and Access Management (IAM) system comes pre-configured with only basic features and security settings. For example, the default setting for Azure storage accounts allows access from anywhere, including the internet.
Read more
A Look Inside the Pass-the-PRT Attack
Discover what a Primary Refresh Token is and how cyber-criminals are exploiting it in two different ways to launch Azure Active Directory attacks.
Read more