The Kerberos Key List Attack - The Return of the Read Only Domain Controllers
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore a 47-minute conference talk from Ekoparty 2021's Main Track that delves into the Kerberos Key List attack and its implications for Read Only Domain Controllers (RODCs) in Azure environments. Discover how Microsoft's push for Azure integration has led to new passwordless authentication features, particularly focusing on security key authentication. Uncover the hidden complexities behind the seamless Single Sign-On (SSO) experience and learn about a novel attack vector targeting RODCs using Kerberos Key List request messages. Gain insights from Leandro Cuozzo, a security researcher at SecureAuth specializing in authentication and identity security, as he presents this critical analysis of emerging security challenges in Azure authentication systems.
Syllabus
The Kerberos Key List attack: The return of the Read Only Domain Controllers ▪ Ekoparty 2021
Taught by
Ekoparty Security Conference
Related Courses
Case Studies in Embedded VR - Silvio Cesare - Ekoparty Security Conference - 2022Ekoparty Security Conference via YouTube The Making of an Aerospace Village Badge - Dan Allen - Ekoparty 2021: Patagon Aerospace
Ekoparty Security Conference via YouTube IIoT, Data Infrastructure, Smart Factory - Sarka Pekarova - Ekoparty 2021: OT - IIOT - IOT Space
Ekoparty Security Conference via YouTube Gotham City- SSH from Zero to Trust - Lucas Calisi - Ekoparty Security Conference - 2021
Ekoparty Security Conference via YouTube Sleight of ARM- Demystifying Intel Houdini - Brian Hong - Ekoparty 2021- Hardware Hacking Space
Ekoparty Security Conference via YouTube