Summary: This is a summary of an article originally published by The New Stack.
The cyberattack method called Kerberoasting has been around for a while. In December 2020, the U.S. Department of Homeland Security issued a directive instructing federal agencies to guard against Kerberoasting as part of mitigating the danger of the SolarWinds attack.
Once attackers are inside the targeted environment, they execute Kerberoasting to steal hashes for service account credentials.
Host-based service accounts use a 128-character, randomly generated password that is changed every 30 days, and group managed service accounts (gMSAs) have random, complex, >100-character passwords that are changed automatically.
Because of the amount of noise that approach might create, a better strategy for stopping these types of attacks might simply be to require stronger passwords for service accounts.
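The mitigation described above (rotated, long, random service account passwords, or gMSAs that rotate themselves) is something a domain administrator can check rather than assume. The following script is an added example, not code from the original article or from The New Stack: it enumerates the user accounts that carry a service principal name (the accounts Kerberoasting targets), and reports which of them have a password older than the rotation window, have PasswordNeverExpires set, or still accept RC4 service tickets, alongside an inventory of the gMSAs already in place. It assumes the RSAT ActiveDirectory module and a domain-joined session with read access to the directory; the 30-day window and the function and parameter names are this example's own choices.

```powershell
# Added example (not from the original article): audit Kerberoastable
# service accounts for the password hygiene described above.
# Assumes the RSAT ActiveDirectory module; the 30-day window and the
# names Get-KerberoastableAccountReport / -MaxPasswordAgeDays are
# this script's own assumptions.
Import-Module ActiveDirectory

function Get-KerberoastableAccountReport {
    [CmdletBinding()]
    param(
        # Assumed rotation window; the article cites 30 days for host-based accounts.
        [int]$MaxPasswordAgeDays = 30
    )

    $cutoff = (Get-Date).AddDays(-$MaxPasswordAgeDays)

    # Only user objects hold a human-set password. gMSAs and computer
    # accounts are separate object classes and are not returned here.
    $users = Get-ADUser -Filter 'ServicePrincipalName -like "*"' `
        -Properties ServicePrincipalName, PasswordLastSet, PasswordNeverExpires, `
                    Enabled, 'msDS-SupportedEncryptionTypes'

    foreach ($u in $users) {
        # krbtgt carries an SPN but is rotated by its own procedure; skip it.
        if ($u.SamAccountName -eq 'krbtgt') { continue }

        # msDS-SupportedEncryptionTypes bit flags: 0x4 = RC4-HMAC,
        # 0x8 = AES128, 0x10 = AES256. An unset attribute on a user object
        # means the KDC will still issue RC4-encrypted service tickets,
        # which are the cheapest to crack offline.
        $enc = $u.'msDS-SupportedEncryptionTypes'
        $rc4Allowed = ($null -eq $enc) -or
                      (($enc -band 0x18) -eq 0) -or
                      (($enc -band 0x4) -ne 0)

        $stale = ($null -eq $u.PasswordLastSet) -or ($u.PasswordLastSet -lt $cutoff)

        $findings = @()
        if ($stale)                  { $findings += "password older than $MaxPasswordAgeDays days" }
        if ($u.PasswordNeverExpires) { $findings += 'PasswordNeverExpires set' }
        if ($rc4Allowed)             { $findings += 'RC4 service tickets still issued' }

        $recommendation = 'OK'
        if ($findings.Count -gt 0) {
            $recommendation = 'Migrate to a gMSA, or rotate to a long random password and enforce AES'
        }

        [pscustomobject]@{
            SamAccountName  = $u.SamAccountName
            Enabled         = $u.Enabled
            SpnCount        = @($u.ServicePrincipalName).Count
            PasswordLastSet = $u.PasswordLastSet
            Findings        = ($findings -join '; ')
            Recommendation  = $recommendation
        }
    }
}

function Get-GmsaInventory {
    # Group managed service accounts: AD generates and rotates the password
    # itself, so these need no manual rotation check.
    Get-ADServiceAccount -Filter * -Properties PrincipalsAllowedToRetrieveManagedPassword |
        Select-Object Name, Enabled, PrincipalsAllowedToRetrieveManagedPassword
}

# Usage: show only the accounts that need attention, then the gMSAs in place.
Get-KerberoastableAccountReport | Where-Object { $_.Findings } | Format-Table -AutoSize
Get-GmsaInventory | Format-Table -AutoSize
```

Run it from an account with directory read rights; a clean result is an empty first table. Accounts that appear with findings are the ones where the article's advice applies: move the service to a gMSA where the workload supports it, otherwise rotate to a long random password on the same cadence as host-based accounts and restrict the account to AES ticket encryption.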