Each year, Microsoft invites security researchers (aka hackers) to speak to Microsoft employees about security issues.
One of the most interesting talks listed at “BlueHat” 2014 was the one by the “Pass-the-Hash” experts, Chris Campbell, Bejamin Delpy, and Skip Duckwall.
This talk will focus on the how Windows authentication works in the real world and what are the popular attacks against it. You will learn the thought process of attackers in the real world and how it differs from a defender’s perspective. We’ll also cover post-exploitation tools and techniques such as Mimikatz. Finally, we’ll discuss next steps – How do you design services that are breach-resistant and make authentication harder to crack.