Security News > 2023 > November > Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens
2023-11-28 10:23
Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking a victim into opening a specially crafted Microsoft Access file. The attack takes advantage of a legitimate feature in the database management system solution that allows users to link to external data sources, such as a remote SQL
News URL
https://thehackernews.com/2023/11/hackers-can-exploit-forced.html
Related news
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
- Hackers exploit Roundcube webmail flaw to steal email, credentials (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Windows Themes zero-day bug exposes users to NTLM credential theft (source)