Knowledge is power
Elad Shamir reports on the importance of understanding and protecting against Kerberos
Log4Shell, ProxyLogon, and ProxyShell vulnerabilities have dominated cybersecurity news over the past few weeks. A recent joint Cybersecurity Advisory from the CISA, NSA, FBI, ASCS, CCS and NZ NCSC, and NCSC-UK notes ‘Kerberoasting’ as a potential method for malicious escalation of privilege. The infamous Kerberoasting attack holds the dubious honour of being the most common method threat actors use to acquire higher privileges. Issues with authentication coercion and delegation add further layers of risk. Why is Kerberos . . .