Security News > 2024 > December > Microsoft enforces defenses preventing NTLM relay attacks

Since making Kerberos the default Windows authentication protocol in 2000, Microsoft has been working on eventually retiring NTLM, its less secure and obsolete counterpart. Until NTLM gets disabled by default, Microsoft is working on shoring up defenses against NTLM relay attacks. How do NTLM relay attacks work? NTLM is a suite of Microsoft protocols that authenticate users and computers based on a challenge/response mechanism between the client (which seeks to be authenticated) and server (which … More → The post Microsoft enforces defenses preventing NTLM relay attacks appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/12/11/ntlm-relay-attacks-defenses-windows-server-exchange/
Related news
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)