Security News > 2024 > December > Microsoft enforces defenses preventing NTLM relay attacks
2024-12-11 12:59
Since making Kerberos the default Windows authentication protocol in 2000, Microsoft has been working on eventually retiring NTLM, its less secure and obsolete counterpart. Until NTLM gets disabled by default, Microsoft is working on shoring up defenses against NTLM relay attacks. How do NTLM relay attacks work? NTLM is a suite of Microsoft protocols that authenticate users and computers based on a challenge/response mechanism between the client (which seeks to be authenticated) and server (which … More → The post Microsoft enforces defenses preventing NTLM relay attacks appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/12/11/ntlm-relay-attacks-defenses-windows-server-exchange/
Related news
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Defense strategies to counter escalating hybrid attacks (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)