You can add new features, just secure the old stuff first. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

News, Daily News, Tech News, Technology

4.8 • 1.1K Ratings

🗓️ 14 August 2021

⏱️ 30 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Guests Will Schroeder and Lee Christensen from SpecterOps join Dave to share the research they recently presented at Black Hat USA on the security of Microsoft's Active Directory Certificate Services. Their abstract: Microsoft’s Active Directory Public Key Infrastructure (PKI) implementation, known as Active Directory Certificate Services (AD CS), has largely flown under the radar of both the offensive and defensive communities. AD CS is widely deployed, and provides attackers opportunities for credential theft, machine persistence, domain escalation, and subtle domain persistence. We present relevant background on certificates in Active Directory, detail the abuse of AD CS through certificate theft and active malicious enrollments for user and machine persistence, discuss a set of common misconfigurations that can result in domain escalation, and explain a method for stealing a Certificate Authority’s private key in order to forge new user/machine “golden” certificates. By bringing light to the security implications of AD CS, we hope to raise awareness for both attackers and defenders alike of the security issues surrounding this complex, widely deployed, and often misunderstood system. The blog post and white paper can be found here: Certified Pre-Owned blog post Certified Pre-Owned white paper Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	Today's episode is sponsored by SRM, your first call for cybersecurity and
0:18.1	investigations. Threats today are evolving faster than ever before and since 2005 SRM has pioneered
0:25.3	tailored security solutions for global corporations and their executives.
0:29.5	Whether it's defending against cyber attacks with their award-winning team of ethical hackers and incident response specialists,
0:36.4	or navigating the murky waters of compliance and ESG challenges,
0:40.9	SRMs, Insight and Straight straightforward advice will help you navigate complex risks
0:46.4	and emerge more resilient.
0:48.4	Their secret, a culture that nurtures the sharpest minds, giving them access to the newest technologies and the freedom
0:55.3	to solve problems in new ways, enabling them to craft simple effective solutions for your
1:01.4	unique cyber challenges.
1:03.7	Search your first call to discover how SRM can help your business. Hello everyone and welcome to the CyberWire's research Saturday.
1:27.0	I'm Dave Bitner and this is our weekly conversation with researchers and analysts tracking
1:31.7	down threats and vulnerabilities, solving some of the hard problems of protecting
1:36.1	ourselves in a rapidly evolving cyberspace.
1:39.4	Thanks for joining us.
1:48.0	A lot of times people focus more on adding new features people focus more on adding new features
1:51.0	rather than you know securing and modernizing their older stuff or just completely
1:57.0	removing older things that shouldn't be used anymore.
2:00.4	That's Lee Christensen from Specter Ops. He and his colleague Will Schroeder are joining us today to discuss their research
2:07.0	abusing active directory certificate services. is.
2:19.0	Want to have your voice heard?
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.