Security News #0x68
- The current alpha version of mimikatz apparently now lets the attacker extract the PIN used in keberos authentication.
- The EMET tool is a key component of the defense of any Windows system. Ars Technica reports on a new attack by folks at Bromium Labs that bypasses EMET 4.1. If you really want to understand what is going on, you should read the original whitepaper (.pdf).
- Understanding pass-the-hash attacks is key to understanding how attackers will move through a Windows network. If you want to learn how these work (and you do!) then take a look at Sam Bowne’s walkthrough of a pass the hash attack against Windows 8.1 and MRL’s demo of pass the hash via RDP.
- Talking about hashes, students- you have to know the right way to implement password hashing in any application that you develop. Take a look at Crackstation for tips on the right and the wrong ways to implement salted password hashing.
- The EC Council website was hacked twice in one weekend.
- Some ads on YouTube were caught serving malware.