Entrust at RSA: ‘Pass the Hash’

Part 4 of 12 in the Series — Entrust at RSA 2014


Jason Soroko, Entrust’s head of malware research, is causing quite the RSA buzz with his latest video presentation: “Pass the Hash.”

In a blog post a few weeks ago, Soroko outlined a lesser-known attack vector that exploits single sign-on (SSO) technology added to Windows about 20 years ago. And it’s still exploitable in most corporate networks. The presentation highlights the issue of identity ambiguity and why traditional defenses are important, but insufficient.

The worrying part? Even today, the majority of security solutions found and promoted on the RSA event floor defend poorly against this type of attack.

Every time you log in to a Windows-based PC, a cryptographic hash of your username and password is stored in a protected portion of memory on your PC. That hash is simply an alphanumeric representation of your username and password. When cybercriminals are able to access that hash, it can be used to authenticate to computers on the network where the user has credentials.

Visit us all week at Entrust Booth 2615 to hear Jason discuss what happens if your network hash is compromised and how to defend your network from malicious attacks. Have a few minutes? Don’t be afraid to ask him about SMS redirection, session riding, deep malware pipelines and more.

Entrust at RSA Conference 2014 | Moscone Center | Booth 2615


Entrust provides identity-based security solutions that empower enterprises, consumers, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's identity-based approach offers the right balance between affordability, expertise and service. With more than 125 patents granted and pending, these world-class solutions include strong authentication, physical and logical access, credentialing, mobile security, fraud detection, digital certificates, SSL and PKI.

