-
Microsoft patches Windows zero-day exploited in attacks on Ukraine
Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities.
- November 13, 2024
- 04:33 PM
0
-
New Windows Themes zero-day gets free, unofficial patches
Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target's NTLM credentials remotely.
- October 29, 2024
- 04:21 PM
1
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Exploit released for new Windows Server "WinReg" NTLM Relay attack
Proof-of-concept exploit code is now public for a vulnerability in Microsoft's Remote Registry client that could be used to take control of a Windows domain by downgrading the security of the authentication process.
- October 22, 2024
- 01:26 PM
- 0
-
Microsoft discloses unpatched Office flaw that exposes NTLM hashes
Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker.
- August 09, 2024
- 12:14 PM
- 2
-
Microsoft deprecates Windows NTLM authentication protocol
Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the future.
- June 04, 2024
- 11:38 AM
- 0
-
Microsoft fixes Windows Server bug causing crashes, NTLM auth failures
Microsoft has fixed a known issue causing NTLM authentication failures and domain controller reboots after installing last month's Windows Server security updates.
- May 14, 2024
- 03:11 PM
- 0
-
Microsoft: April Windows Server updates cause NTLM auth failures
Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates.
- May 01, 2024
- 11:17 AM
- 3
-
Hackers steal Windows NTLM authentication hashes in phishing attacks
The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks.
- March 04, 2024
- 04:15 PM
- 2
-
Veeam warns of critical bugs in Veeam ONE monitoring platform
Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical.
- November 06, 2023
- 04:58 PM
- 0
-
Microsoft plans to kill off NTLM authentication in Windows 11
Microsoft announced earlier this week that the NTLM authentication protocol will be killed off in Windows 11 in the future.
- October 13, 2023
- 12:46 PM
- 3
-
New Windows 11 feature blocks NTLM-based attacks over SMB
Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM relay, or password-cracking attacks.
- September 13, 2023
- 02:27 PM
- 0
-
Sponsored Content
Pass-the-Hash Attacks and How to Prevent them in Windows Domains
Hackers often start out with nothing more than a low-level user account and then work to gain additional privileges that will allow them to take over the network. One of the methods that is commonly used to acquire these privileges is a pass-the-hash attack. Here are five steps to prevent a pass-the-hash attack in a Windows domain.
- September 27, 2022
- 10:05 AM
- 0
-
Windows 'RemotePotato0' zero-day gets an unofficial patch
A privilege escalation vulnerability impacting all Windows versions that can let threat actors gain domain admin privileges through an NTLM relay attack has received unofficial patches after Microsoft tagged it as "won't fix."
- January 13, 2022
- 12:31 PM
- 0
-
Microsoft shares mitigations for new PetitPotam NTLM relay attack
Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers.
- July 24, 2021
- 07:38 PM
- 0
-
Windows 10 themes can be abused to steal Windows passwords
Specially crafted Windows 10 themes and theme packs can be used in 'Pass-the-Hash' attacks to steal Windows account credentials from unsuspecting users.
- September 07, 2020
- 12:38 PM
- 2
-
Russian hackers tried to steal San Francisco airport Windows accounts
The hack of employee web sites belonging to the San Francisco International Airport has been attributed to a Russian hacker group who used the SMB protocol to steal Windows passwords.
- April 14, 2020
- 10:14 AM
- 0
-
Zoom Lets Attackers Steal Windows Credentials, Run Programs via UNC Links
The Zoom Windows client is vulnerable to UNC path injection in the client's chat feature that could allow attackers to steal the Windows credentials of users who click on the link.
- March 31, 2020
- 11:59 PM
- 8
-
New Microsoft NTLM Flaws May Allow Full Domain Compromise
Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code) protection and downgrade NTLM security features leading to full domain compromise of a network.
- October 09, 2019
- 11:15 AM
- 1
-
Microsoft NTLM Flaws Expose All Windows Machines to RCE Attacks
Two critical vulnerabilities in Microsoft's NTLM authentication protocol consisting of three logical flaws make it possible for attackers to run remote code and authenticate on machines running any Windows version.
- June 11, 2019
- 01:05 PM
- 0
-
PDF Files Can Be Abused to Steal Windows Credentials
PDF files can be weaponized by malicious actors to steal Windows credentials (NTLM hashes) without any user interaction, and only by opening a file, according to Assaf Baharav, a security researcher with cyber-security Check Point.
- April 27, 2018
- 12:21 PM
- 6
1
- 1
- 2
