Entrust at RSA: ‘Pass the Hash’
Jason Soroko, Entrust’s head of malware research, is causing quite the RSA buzz with his latest video presentation: “Pass the Hash.”
In a blog post a few weeks ago, Soroko outlined a lesser-known attack vector that exploits single sign-on (SSO) technology added to Windows about 20 years ago. It is still exploitable in most corporate networks. The presentation highlights the issue of identity ambiguity and why traditional defenses are important but insufficient.
The worrying part? Even today, this type of attack is poorly defended by the majority of security solutions found and promoted on the RSA event floor.
Every time you log in to a Windows-based PC, a cryptographic hash of your username and password is stored in a protected portion of memory on your PC. That hash is simply an alphanumeric representation of your username and password. When cybercriminals are able to access that hash, they can use it to authenticate to computers on the network where the user has credentials.
Visit us all week at Entrust Booth 2615 to hear Jason discuss what happens if your network hash is compromised and how to defend your network from malicious attacks. Have a few minutes? Don’t be afraid to ask him about SMS redirection, session riding, deep malware pipelines and more.
Entrust at RSA Conference 2014 | Moscone Center | Booth 2615