Thycotic Secret Server: Offline Decryption Methodology

1 · trustedsec · July 28, 2020, 3:23 p.m.
On offensive engagements, we frequently encounter centralized internal password managers that are used by various departments to store incredibly sensitive account information, such as Domain Admin accounts, API keys, credit card data, the works. It used to be that these systems were implemented without multi-factor authentication. “Hacking” them was as simple as finding somebody that... The post Thycotic Secret Server: Offline Decryption Methodology appeared first on TrustedSec....