Security News > 2023 > November > Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens
2023-11-28 10:23
Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking a victim into opening a specially crafted Microsoft Access file. The attack takes advantage of a legitimate feature in the database management system solution that allows users to link to external data sources, such as a remote SQL
News URL
https://thehackernews.com/2023/11/hackers-can-exploit-forced.html
Related news
- Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens (source)
- APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign (source)
- Hackers exploit ProjectSend flaw to backdoor exposed servers (source)
- Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities (source)
- Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor (source)
- New Windows zero-day exposes NTLM credentials, gets unofficial patch (source)
- Micropatchers share 1-instruction fix for NTLM hash leak flaw in Windows 7+ (source)
- New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Hackers exploit DoS flaw to disable Palo Alto Networks firewalls (source)