PASS THE HASH AND OTHER CREDENTIAL THEFT AND REUSE: MITIGATING THE RISK OF LATERAL MOVEMENT AND PRIVILEGE ESCALATION

Pass the Hash (PtH) has become one of the most widespread attacks affecting our customers and many of our customers have made it their top priority to address these attacks. In response, Microsoft has assembled a workgroup to investigate effective and practical mitigations that could be used now as well as future platform modifications. This presentation will cover the problem of credential theft and re-use, focusing on Pass-the-Hash attacks as an example, and discuss Microsoft’s recommended mitigations. The presenters are members of the workgroup: Patrick Jungles of the Trustworthy Computing group and Mark Simos of the Cybersecurity Services team.

Presented by