light bulb

Did You Know?



Reply
Posts: 3,150
Topics: 1,923
Kudos: 2,241
Blog Posts: 0
Registered: ‎06-02-2014

Fear the golden ticket attack!

By:

Follow @rogeragrimes  

 

Be afraid of the golden ticket attack -- if malicious hackers can create the tickets, they can wreak whatever havoc they please.

 

The Windows security world is abuzz about Kerberos "golden ticket" attacks in the wake of a seminal presentation at Black Hat USA 2014, the best overview I've seen on the subject.

In a nutshell, if you have domain admin/local admin access on an Active Directory forest/domain, you can manipulate Kerberos tickets to get unauthorized access. A golden ticket attack is one in which you create a Kerberos-generating ticket that is good for 10 years or however long you choose.gold_ticket_attack.jpg

 

InfoWorld/ Full Aricle Here/ http://www.infoworld.com/d/security/fear-the-golden-ticket-attack-248653

Community Leader