Security News

Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes
2024-03-05 10:36

A threat actor specializing in establishing initial access to target organizations' computer systems and networks is using booby-trapped email attachments to steal employees' NTLM hashes. "User authentication in Windows is used to prove to a remote system that a user is who they say they are. NTLM does this by proving knowledge of a password during a challenge and response exchange without revealing the password to anyone," Microsoft said in a recent post that announced their goal to deprecate NTLM use in favor of Kerberos - a more modern, extensible and secure authentication protocol.

Hackers steal Windows NTLM authentication hashes in phishing attacks
2024-03-04 21:15

The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager authentication hashes to perform account hijacks. NTLM hashes are used in Windows for authentication and session security and can be captured for offline password cracking to obtain the plaintext password.

AuthLogParser: Open-source tool for analyzing Linux authentication logs
2024-01-08 05:30

AuthLogParser is an open-source tool tailored for digital forensics and incident response, specifically crafted to analyze Linux authentication logs. Log file, extracting crucial details like SSH logins, user creations, event names, IP addresses, among others.

Breaking down the state of authentication
2024-01-05 05:00

In this Help Net Security video, Bassam Al-Khalidi, co-CEO of Axiad, discusses the results of Axiad's recent State of Authentication Survey. 39% indicated phishing is the most feared cyberattack, while 49% said it is the attack most likely to happen.

Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication
2023-12-21 16:21

Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a...

Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens
2023-11-28 10:23

Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking a victim into opening a...

Report: The state of authentication security 2023
2023-11-28 03:45

Please turn on your JavaScript for this page to function normally. This survey set out to explore these challenges, to identify common practices, and to provide insight into how organizations can bolster their defenses.

Apple to Add Manual Authentication to iMessage
2023-11-22 12:08

Signal has had the ability to manually authenticate another account for years. The feature is called Contact Key Verification, and it does just what its name says: it lets you add a manual verification step in an iMessage conversation to confirm that the other person is who their device says they are.

Leaving Authentication Credentials in Public Code
2023-11-16 12:10

Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000 projects submitted to PyPI, the official code repository for the Python programming language. Nearly 3,000 projects contained at least one unique secret.

How passkeys are changing the face of authentication
2023-10-23 05:00

Apple made passkeys automatic in its latest iOS releases, Microsoft expanded passkey use in Windows 11, and Google has enabled them in Chrome and Android devices, which has extended them to services such as DocuSign and PayPal. In October 2023, Google started offering passkeys as the default method for users signing into their accounts.