Security News

Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions
2024-08-18 08:00

Unpatched MS Office flaw may leak NTLM hashes to attackersA new MS Office zero-day vulnerability can be exploited by attackers to grab users' NTLM hashes, Microsoft has shared late last week. Key metrics for monitoring and improving ZTNA implementationsIn this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access implementation, focusing on balancing security with operational efficiency.

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
2024-08-12 10:23

A new MS Office zero-day vulnerability can be exploited by attackers to grab users' NTLM hashes, Microsoft has shared late last week. Once attackers get a victim's NTLM hash, they can relay it another service and authenticate as the victim.

Microsoft discloses unpatched Office flaw that exposes NTLM hashes
2024-08-09 16:14

​Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. [...]

Microsoft shows venerable and vulnerable NTLM security protocol the door
2024-06-06 12:00

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Microsoft deprecates Windows NTLM authentication protocol
2024-06-04 15:38

Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the future. New Technology LAN Manager, better known as NTLM, is an authentication protocol first released in 1993 as part of Windows NT 3.1 and as the successor to the LAN Manager protocol.

Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and Security Defenses
2024-05-21 09:02

 Microsoft on Monday confirmed its plans to deprecate NT LAN Manager (NTLM) in Windows 11 in the second half of the year, as it announced a slew of new security measures to harden the widely-used...

Microsoft fixes Windows Server bug causing crashes, NTLM auth failures
2024-05-14 19:11

Microsoft has fixed a known issue causing NTLM authentication failures and domain controller reboots after installing last month's Windows Server security updates. [...]

Microsoft: April Windows Server updates cause NTLM auth failures
2024-05-01 15:17

Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates. According to a new entry added to the Windows health dashboard on Tuesday, this known issue will only affect Windows domain controllers in organizations with a lot of NTLM traffic and few primary DCs. The list of impacted Windows versions and buggy security updates includes Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, and Windows Server 2008.

Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast
2024-03-10 09:00

What organizations need to know about the Digital Operational Resilience ActIn this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act on organizations across the EU, particularly in ICT risk management and cybersecurity. Cisco patches Secure Client VPN flaw that could reveal authentication tokensCisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which could be exploited by unauthenticated, remote attackers to grab users' valid SAML authentication token.

Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes
2024-03-05 10:36

A threat actor specializing in establishing initial access to target organizations' computer systems and networks is using booby-trapped email attachments to steal employees' NTLM hashes. "User authentication in Windows is used to prove to a remote system that a user is who they say they are. NTLM does this by proving knowledge of a password during a challenge and response exchange without revealing the password to anyone," Microsoft said in a recent post that announced their goal to deprecate NTLM use in favor of Kerberos - a more modern, extensible and secure authentication protocol.