Today's top stories

4 Windows 10 settings to prevent credential theft

Review these Windows settings to make sure you're not making it easy for attackers to steal login credentials.

A conceptual representation of accessing username and password credentials.
Weedezign / Getty Images

A recent Crowdstrike blog post talked about how attackers were targeting a specific industry.  What caught my eye was how they ensured that they were able to steal the credentials in the firm: “Five minutes after gaining access to the host …, the adversary modified the registry to implement a widely known procedure that enables credentials to be stored in clear text within memory, facilitating credential theft:

reg add hklm\system\currentcontrolset\control\securityproviders\wdigest /v UseLogonCredential /t REG_DWORD /d 1 /F

Last year I wrote about how to prevent the use of WDigest credential theft. Clearly, not everyone has learned the lesson. Attackers use old attacks because they still work—and work well. What can you do to ensure that you aren’t this easy to attack?

Know what you are protecting

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.