SOURCE: Lieberman Software

Lieberman Software Corporation - Privilege Management

April 21, 2015 12:05 ET

Lieberman Software's Security Double-Tap™ Defeats Golden Ticket Cyber Attacks

Privilege Management Platform Now Mitigates Pass-the-Ticket Kerberos Exploits

LOS ANGELES, CA--(Marketwired - April 21, 2015) - Lieberman Software Corporation today announced Security Double-Tap, a solution to block the destructive Golden Ticket cyber attack. This new feature is included in Enterprise Random Password Manager™ (ERPM) -- the company's privilege management platform -- and is being exhibited for the first time at RSA Conference 2015 in San Francisco, CA.

The Golden Ticket Cyber Attack

Today's enterprises are under assault from sophisticated cyber attacks like pass-the-hash (PTH) and pass-the-ticket (PTT). These advanced persistent threats -- at the core of some of the most notorious recent data breaches -- operate at nearly a 100% success rate.

While PTH is a more widely known threat, the related PTT attack is just as dangerous. PTT attacks target Kerberos, the default authentication protocol in Windows domains. PTT exploits Kerberos by hacking the server that stores a secret key protecting authentication. Once the attacker obtains this secret key, he gains unrestricted access throughout the IT environment -- essentially a "Golden Ticket." These attacks are launched using tools freely available online, such as WCE and Mimikatz. 

Removing Pass-the-Ticket Access from Compromised Machines

ERPM now provides an automated double password reset specifically designed to combat the Golden Ticket attack. The two password resets -- a Security Double-Tap -- force rapid replication of the changed credentials throughout the domain, to block the use of compromised accounts. In conjunction with this process, ERPM can also force an automatic chained reboot of target system to clear memory of hashes and passwords, and prevent memory scraping. 

"Conventional security counter measures cannot block sophisticated Golden Ticket attacks," said Philip Lieberman, President and CEO of Lieberman Software. "Changing local or domain passwords alone does not invalidate compromised tickets, and PTT exploits can bypass multifactor authentication. With Security Double-Tap, ERPM is the first commercially available product with a solution aimed specifically at Golden Ticket attacks."

About Enterprise Random Password Manager

ERPM is an automated privilege management solution that secures and manages the powerful privileged credentials in large enterprise environments. With ERPM, even if a cyber attack penetrates the network perimeter and steals credentials, those compromised credentials cannot be used to leapfrog between systems, and anonymously extract sensitive data. The key to blocking cyber attacks with ERPM is its ability to automatically discover, document and eliminate privileged account security threats before cyber attackers or malicious insiders can exploit them.

The new Security Double-Tap capability is available immediately to existing ERPM customers.

Learn More

For more information on Lieberman Software's new Security Double-Tap threat mitigation feature, visit the company in booths N3334 and S1523 at RSA Conference 2015 this week, or go to to download the white paper.

About Lieberman Software Corporation

Lieberman Software proactively stops cyber attacks that bypass conventional enterprise defenses and penetrate the network perimeter. The company provides award-winning privilege management and security management products to more than 1,400 customers worldwide, including nearly half of the US Fortune 50. By automatically locating, continuously securing and auditing privileged accounts -- both on-premises and in the cloud -- Lieberman Software controls access to systems with sensitive data, and defends against malicious insiders, zero day attacks and other advanced cyber threats. Lieberman Software is headquartered in Los Angeles, CA, with offices and channel partners located around the world. For more information, visit

Product and company names herein may be trademarks of their registered owners.

Contact Information