Explore an effective approach for creating persistence by exploiting vulnerabilities in Windows 10's security questions feature in this 23-minute Black Hat conference talk. Delve into how a well-intended security measure can become a potential threat, as presenters Magal Baz and Tom Sela demonstrate the risks associated with this feature introduced in April. Learn about LSA Secrets, their encryption and permissions, and how they relate to the new security questions. Discover remote LSA Secrets read/write implementations, remote password reset techniques, and methods to restore previous passwords. Witness a live demonstration of the exploit and gain valuable insights into recommendations for mitigating these security risks.