Security News > 2024 > December > Microsoft enforces defenses preventing NTLM relay attacks
2024-12-11 12:59
Since making Kerberos the default Windows authentication protocol in 2000, Microsoft has been working on eventually retiring NTLM, its less secure and obsolete counterpart. Until NTLM gets disabled by default, Microsoft is working on shoring up defenses against NTLM relay attacks. How do NTLM relay attacks work? NTLM is a suite of Microsoft protocols that authenticate users and computers based on a challenge/response mechanism between the client (which seeks to be authenticated) and server (which … More → The post Microsoft enforces defenses preventing NTLM relay attacks appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/12/11/ntlm-relay-attacks-defenses-windows-server-exchange/
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)