Kerberos Attacks

Kerberos Vulnerability Assessments

Kerberos Vulnerability Assessments

Written by: Vikram Navali, Senior Technical Product Manager – A previous blog on detecting unconstrained delegation exposure showed a typical attack scenario with Kerberos authentication. It also discussed how an attacker could discover domain computers with an unconstrained delegation and abuse Kerberos TGTs (ticket-granting tickets) to achieve their goals.

Detecting a Kerberos

Detecting a Kerberos Golden Ticket Attack

Authored by: Vikram Navali, Senior Technical Product Manager – A Golden Ticket is an open invitation for attackers to access all of an organization’s computers and servers, including Domain Controllers (DC). A Golden Ticket is a forged Kerberos Ticket-Granting Tickets (TGT) that enables attackers to generate Ticket Granting Service (TGS) tickets for any account in Active Directory and gain unrestricted …

Detecting a Kerberos Golden Ticket Attack Read More »

security-boulevard-logo

Top 8 Ways Attackers Can Own Active Directory

By Carolyn Crandall, chief security advocate, Attivo Networks Active Directory (AD) is one of the most valuable targets for cyberattackers because it handles authentication and authorization across all enterprise resources and touches virtually everything on the network. AD is complicated to secure, and today, red teams estimate that they can compromise it 100% of the time. …

Top 8 Ways Attackers Can Own Active Directory Read More »

Scroll to Top