Dark Reading

How to Protect Your Environment From the NTLM Vulnerability

A new zero-day vulnerability in NTLM discovered by researchers at 0patch allows attackers to steal NTLM credentials by having a user view a specially crafted malicious file in Windows Explorer — no ...
Bleeping Computer

New Windows 11 feature blocks NTLM-based attacks over SMB

Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM relay, or password-cracking attacks. This will modify the legacy approach where ...
TechRepublic

Microsoft warns of credential-stealing NTLM relay attacks against Windows domain controllers

Microsoft warns of credential-stealing NTLM relay attacks against Windows domain controllers Your email has been sent Microsoft is sounding an alert about a threat against Windows domain controllers ...
TechRepublic

Understanding and selecting authentication methods

If you are serious about computer/network security, then you must have a solid understanding of authentication methods. Debra Littlejohn Shinder takes a moment to lay out the role authentication plays ...
CSOonline

Malicious email campaign steals NTLM hashes

An initial access broker is able to grab authentication information when a victim opens the email attachments for access to Windows networks. A threat group that acts as an initial access broker is ...
Bleeping Computer

Microsoft shares mitigations for new PetitPotam NTLM relay attack

Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers. PetitPotam is a new method that can be used to conduct ...
heise online

Microsoft takes measures against NTLM relay attacks

One attack vector for gaining access to the network is so-called NTLM relaying. Microsoft is now making this more difficult with new measures. A frequently observed attack vector that criminals use to ...