November 9th, 2014
Earlier this year, a study from IDC and the National University of Singapore (NUS) predicted that enterprises will spend around $500 billion in 2014 on making fixes and recovering from data breaches and malware. In the past few months alone, we’ve seen Target reveal the cost of its recent breach could reach as much as $148 million. The figures are stark, but for the uninitiated the world of malware and its history is something of a mystery. So, where did they originate? How have they changed? And what does the future of malware look like?
- December 14th, 2012
A recent whitepaper published by Microsoft describes an attack known as Pass-the-Hash (PtH), which has become a common attack vector for credential theft. A PtH attack is where an attacker captures account logon credentials, but instead of capturing the clear text password, the attacker captures the password hash, which can then be re-used to logon to network services, because the password hash is an unsalted MD4 hash.
I’m not going to go into too much depth in this post, as the whitepaper provides comprehensive information on these attacks, which I highly recommend you read – Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques