Bypassing Local Windows Authentication to Defeat Full Disk Encryption
Offered By: Black Hat via YouTube
Course Description
Overview
Discover how to bypass Windows authentication and defeat full disk encryption in this 26-minute Black Hat conference talk. Learn about Microsoft BitLocker, its use of Trusted Platform Modules (TPM) for storing encryption keys, and how transparent BitLocker operates. Explore the vulnerabilities in Windows domain authentication and password reset processes that allow circumvention of BitLocker protection. Gain insights into why this attack works and its implications for data security. Understand the potential risks to enterprise data loss prevention strategies relying on full disk encryption without additional safeguards.
Syllabus
Bypassing Local Windows Authentication to Defeat Full Disk Encryption
Microsoft BitLocker
Storing Secrets on a TPM
Transparent BitLocker
Windows Domain Authentication
Password Reset
Reflections: Why Does This Work? • The protocol for password changes was
Black Hat Sound Bytes
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube