YoVDO

The Kerberos Key List Attack - The Return of the Read Only Domain Controllers

Offered By: Ekoparty Security Conference via YouTube

Tags

Ekoparty Security Conference Courses Cybersecurity Courses Passwordless Authentication Courses Authentication Protocols Courses

Course Description

Overview

Explore a 47-minute conference talk from Ekoparty 2021's Main Track that delves into the Kerberos Key List attack and its implications for Read Only Domain Controllers (RODCs) in Azure environments. Discover how Microsoft's push for Azure integration has led to new passwordless authentication features, particularly focusing on security key authentication. Uncover the hidden complexities behind the seamless Single Sign-On (SSO) experience and learn about a novel attack vector targeting RODCs using Kerberos Key List request messages. Gain insights from Leandro Cuozzo, a security researcher at SecureAuth specializing in authentication and identity security, as he presents this critical analysis of emerging security challenges in Azure authentication systems.

Syllabus

The Kerberos Key List attack: The return of the Read Only Domain Controllers ▪ Ekoparty 2021


Taught by

Ekoparty Security Conference

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network