The Password is Dead.

Authenticating to remote services with only a password is a thing of the past. Modern attack techniques make theft and reuse of passwords simple, yet we continue to use them to secure pretty much everything. In this post, we will review the various risks associated with password authentication and discuss what can be done to improve our security posture.

Understanding and Preventing Pass the Hash Attacks

Pass the hash is one of most prevalent techniques used in targeted attacks today, due to its ease of use and effectiveness.  Despite this prevalence, many organizations do misunderstand how the attack works and remain vulnerable.  In this post, I will describe how a pass the hash attack works and provide some effective ways to … Continue reading Understanding and Preventing Pass the Hash Attacks