Hi there,
Is there some way to protect WinOS against this tool: http://blog.gentilkiwi.com/mimikatz (Sorry this is in french but the first print screen is relevant...)
According to the author (no NTLM, no admin /system/debug privilege, no local admins) but in real life we have to grant some users admin, and using this tool the right escalation may be devastating as it can dump and reverse password stored in memory...
Is there some native way to protect from this stuff except using strong authentication and uptodate AV software ?
Thanks for your feedback!