"Fifty Password Hashes Per Hour: How Insiders Could Compromise Any Corporate Network With A $20 Device"
Researchers at Kaspersky Lab conducted an investigation to discover if a network could be compromised without the use of malware. With the additional configuration of a Raspberry-Pi microcomputer, installation of publicly available tools used for stealthy password interception, and assembling of a server to gather captured data, researchers were able to collect up to 50 password hashes per hour from a corporate network. This article further discusses the demonstration of this attack, other findings of this study, and recommendations to protect computers and networks from attacks launched by similar DIY devices.
Submitted by Anonymous
on