Windows 365 exposes Microsoft Azure credentials in plaintext

CyberTech

A security researcher has figured out a way to dump a user's unencrypted plaintext Microsoft Azure credentials from Microsoft's new Windows 365 Cloud PC service using Mimikatz.

Mimikatz is an open-source cybersecurity project created by Benjamin Delpy that allows researchers to test various credential stealing and impersonation vulnerabilities.

"It's well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket, build Golden tickets, play with certificates or private keys, vault, ... maybe make coffee?," explains the project's GitHub page.

While created for researchers, due to the power of its various modules, it is commonly used by threat actors to dump plaintext passwords from the memory of the LSASS process or perform pass-the-hash attacks using NTLM hashes.

Using this tool, threat actors can spread laterally throughout a network until they control a Windows domain controller, allowing them to take over the Windows domain.

The rest