Hackers Using Fake Certificates to Infiltrate Corporate Networks
- С сайта: Vulnerability cybersecuritynews.com
- Вернуться к списку новостей
Hackers Using Fake Certificates to Infiltrate Corporate Networks
Author: SujathaUsing fake certificates, attackers gain unauthorized access to corporate network resources.
Attackers use such certificates to trick the Key Distribution Center (KDC) to get into the target company’s network.
Shadow Credentials are an example of such an attack. This technique allows an attacker to take over an AD user or computer account.
Certificate-based TGT- Requests In Kerberos authentication, a Ticket Granting Ticket (TGT) is a user authentication token issued by the Key Distribution Center (KDC).
A key distribution center (KDC) in cryptography is a system that is responsible for providing keys to the users in a network that shares sensitive or private data.
TGT is used to request access tokens from the Ticket Granting Service (TGS) for specific resources/systems joined to the domain.
Essentially, a TGT is proof of successful user authentication, usually by password.
The alternate way to get TGT is by using a certificate. The KDC must trust the provided certificate, and the certificate must relate to the subject requested in the TGT.
Kerberos authentication scheme (Kaspersky)
#Cyber_Attack #Cyber_Security_News #Vulnerability #cyber_attack #cyber_security
Оригинальная версия на сайте: