Password caching and local admin rights considered harmful

Another item from Austin Osuide, The Coolest Man in the World (tm). The gist of the attack vector allows a user with local admin privs to recover the password hashes of anyone that has logged into the machine (including admins), and then inject the hashes into an authentication transaction with... [More]