Kerberoasting
Kerberoasting is an attack that hackers use to steal the passwords of user accounts on a Microsoft Windows domain. The attacker uses the Kerberos authentication protocol to request the encrypted password of an account from a specific server. Once the encrypted password is obtained, the attacker can use a special tool to crack it and gain access to the user’s account. This is especially dangerous for high-privileged accounts, such as those of system administrators, because the attacker can gain access to sensitive data and control over the network. To protect against Kerberoasting, it is important to regularly change passwords and implement strong password policies, as well as to limit users’ privileges and monitor network activity.
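One way to act on the monitoring advice above, as an added example that is not part of the original page: the Python code below scans Windows Security event 4769 (Kerberos service ticket requested) records and flags any account that requests RC4-encrypted tickets for several distinct user-backed services within a short window. The event records, account names, the make_event helper and both thresholds are constructed assumptions to be tuned per environment.

```python
from collections import defaultdict
from datetime import datetime, timedelta

RC4_HMAC = "0x17"  # TicketEncryptionType value for RC4-HMAC in event 4769

def make_event(time, user, service, etype, status="0x0"):
    """Hypothetical helper: build one simplified event 4769 record."""
    return {"EventID": 4769, "TimeCreated": time, "TargetUserName": user,
            "ServiceName": service, "TicketEncryptionType": etype, "Status": status}

# Constructed sample data: alice is normal AES traffic, bob requests a burst of
# RC4 tickets, carol requests RC4 tickets spread over several hours.
SAMPLE_EVENTS = [
    make_event("2024-05-01T09:00:00", "alice@EXAMPLE.LOCAL", "svc_sql", "0x12"),
    make_event("2024-05-01T09:00:05", "alice@EXAMPLE.LOCAL", "FILESRV01$", "0x12"),
    make_event("2024-05-01T10:15:00", "bob@EXAMPLE.LOCAL", "svc_sql", "0x17"),
    make_event("2024-05-01T10:15:02", "bob@EXAMPLE.LOCAL", "svc_backup", "0x17"),
    make_event("2024-05-01T10:15:03", "bob@EXAMPLE.LOCAL", "svc_web", "0x17"),
    make_event("2024-05-01T10:15:04", "bob@EXAMPLE.LOCAL", "WEB01$", "0x17"),
    make_event("2024-05-01T11:00:00", "carol@EXAMPLE.LOCAL", "svc_sql", "0x17"),
    make_event("2024-05-01T13:00:00", "carol@EXAMPLE.LOCAL", "svc_web", "0x17"),
    make_event("2024-05-01T15:00:00", "carol@EXAMPLE.LOCAL", "svc_backup", "0x17"),
]

def find_kerberoast_suspects(events, window=timedelta(minutes=5), min_services=3):
    """Return {requesting account: sorted service names} for accounts that asked
    for RC4 tickets to at least min_services distinct services within window."""
    per_account = defaultdict(list)
    for ev in events:
        if ev["EventID"] != 4769 or ev["Status"] != "0x0":
            continue  # keep only successful service ticket requests
        if ev["TicketEncryptionType"].lower() != RC4_HMAC:
            continue  # RC4 tickets are the cheapest to crack offline
        svc = ev["ServiceName"]
        if svc.endswith("$") or svc.lower() == "krbtgt":
            continue  # machine accounts and krbtgt have long random passwords
        when = datetime.fromisoformat(ev["TimeCreated"])
        per_account[ev["TargetUserName"]].append((when, svc))

    suspects = {}
    for account, reqs in per_account.items():
        reqs.sort()
        start = 0
        for end in range(len(reqs)):
            while reqs[end][0] - reqs[start][0] > window:
                start += 1  # slide the window forward in time
            services = {s for _, s in reqs[start:end + 1]}
            if len(services) >= min_services:
                suspects.setdefault(account, set()).update(services)
    return {account: sorted(svcs) for account, svcs in suspects.items()}
```

On the constructed sample only bob is reported; carol's requests fall outside any single five-minute window, which shows why the window and threshold need tuning against slower request patterns.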