all InfoSec news
RASP for LSASS: Preventing Mimikatz-Related Attacks. (arXiv:2401.00316v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
The Windows authentication infrastructure relies on the Local Security
Authority (LSA) system, with its integral component being lsass.exe.
Regrettably, this framework is not impervious, presenting vulnerabilities that
attract threat actors with malicious intent. By exploiting documented
vulnerabilities sourced from the CVE database or leveraging sophisticated tools
such as mimikatz, adversaries can successfully compromise user password-address
information.
In this comprehensive analysis, we delve into proactive measures aimed at
fortifying the local authentication subsystem against potential threats.
Moreover, we present empirical evidence …
adversaries attacks authentication authority cve database exploiting framework infrastructure intent local lsass malicious mimikatz rasp security system threat threat actors tools vulnerabilities windows