December 14th, 2012
A recent whitepaper published by Microsoft describes an attack known as Pass-the-Hash (PtH), which has become a common attack vector for credential theft. A PtH attack is where an attacker captures account logon credentials, but instead of capturing the clear text password, the attacker captures the password hash, which can then be re-used to logon to network services, because the password hash is an unsalted MD4 hash.
I’m not going to go into too much depth in this post, as the whitepaper provides comprehensive information on these attacks, which I highly recommend you read – Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques
- March 29th, 2017
Sandra Salame, Operations Manager at Crestan, talks about the benefits of a partnership with Avecto and discusses our successful Middle East roadshow featuring award-winning speaker and Microsoft MVP Sami Laiho.
- February 27th, 2017
- November 23rd, 2016
Recently, the Avecto team travelled to the Middle East for a four-country roadshow, hopping from KSA to UAE, Jordan and finally Lebanon. We travelled with the esteemed Microsoft MVP, Sami Laiho and our partners in the region Crestan, in a bid to spread the message of the importance of back to basics security and for Sami to showcase the simplicity of breaking Windows without the right security foundations in place.
- May 13th, 2016
Least privilege was first put forward as a design principle by Jerry Saltzer and Mike Schroeder 40 years ago . Avecto, along with many others, has championed least privilege and our 5 reasons to love least privilege shows that it is key to mitigating attacks.
- March 7th, 2016
The challenge of finding the right balance between giving too many admin rights vs. too little admin rights is often talked about from the end user perspective, however the same challenge applies to those managing the IT department itself and this is a part of the journey that is often overlooked.