all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

I Trusted You A Demonstrated Abuse of Cloud Kerberos Trust - Daniel Heinsen, Elad Shamir

Add to bookmarks
July 13, 2023, 8:10 p.m. | fwd:cloudsec

fwd:cloudsec www.youtube.com

Abstract: Microsoft has introduced a variety of protocols to abate the issue of authenticating to Azure AD and AD seamlessly. In the Windows Hello For Business setup, Cloud Kerberos Trust has been introduced to enable users to authenticate to Azure AD and still be able to access resources protected by legacy authentication mechanisms, like Kerberos. While this deployment model offers greater convenience, the ability to forge authentication material is delegated to Azure AD. This ability can be abused by attackers …

abuse authenticate azure azure ad business cloud daniel enable for business hello issue kerberos microsoft protocols trust windows windows hello

Visit resource

More from www.youtube.com / fwd:cloudsec

How Citi Advanced Their Containment Capabilities Through Automation - Damien Burks, Elvis Veliz 9 months, 1 week ago | www.youtube.com
advanced automation automation and orchestration aws +19
Google Cloud Threat Detection: A Study in Google Cloud - Day Johnson 9 months, 1 week ago | www.youtube.com
cloud detection finger google +7
Vulnerabilities and Misconfigurations in GitHub Actions - Rojan Rijal 9 months, 1 week ago | www.youtube.com
actions attack attack vectors cd pipeline +11
It's Just a Name, Right - Nathan Eades 9 months, 1 week ago | www.youtube.com
access attack aws cloud +17
AWS Presigned URLs The Good, The Bad, and The Ugly - Jarom Brown 9 months, 1 week ago | www.youtube.com
access actions attack attackers +13
Success Criteria for your CSPM - David White 9 months, 1 week ago | www.youtube.com
check claim cspm environment +6
Beyond the AWS Security Maturity Roadmap - Rami McCarthy 9 months, 1 week ago | www.youtube.com
aws beyond build cloud +11
Welcome - Aaron Zollman 9 months, 1 week ago | www.youtube.com
aaron conference expect
fwd:cloudsec State of the Union - Scott Piper 9 months, 2 weeks ago | www.youtube.com
cloud cloud security conference drive +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Application Security Engineer - Enterprise Engineering

@ Meta | Bellevue, WA | Seattle, WA | New York City | Fremont, CA
View on infosec-jobs.com

Security Engineer

@ Retool | San Francisco, CA
View on infosec-jobs.com

Senior Product Security Analyst

@ Boeing | USA - Seattle, WA
View on infosec-jobs.com

Junior Governance, Risk and Compliance (GRC) and Operations Support Analyst

@ McKenzie Intelligence Services | United Kingdom - Remote
View on infosec-jobs.com

GRC Integrity Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com
View more jobs