Security News

Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes
2024-03-05 10:25

The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for...

Hackers steal Windows NTLM authentication hashes in phishing attacks
2024-03-04 21:15

The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager authentication hashes to perform account hijacks. NTLM hashes are used in Windows for authentication and session security and can be captured for offline password cracking to obtain the plaintext password.

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks
2024-02-02 14:49

Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The...

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords
2024-01-29 13:31

A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked...

Week in review: 15 million Trello users’ scraped data on sale, attackers can steal NTLM hashes
2024-01-28 09:00

Beyond blockchain: Strategies for seamless digital asset integrationIn this Help Net Security interview, Jean-Philippe Aumasson, CSO at Taurus, emphasizes the often-overlooked complexities of key generation, storage, and distribution, underlining the necessity for a high level of security maturity in handling digital assets. Attackers can steal NTLM password hashes via calendar invitesA recently patched vulnerability in Microsoft Outlook that can be used by attackers to steal users' NTLM v2 hashes can be exploited by adding two headers to an email carrying a specially crafted file, security researcher Dolev Taler has shared on Friday.

Attackers can steal NTLM password hashes via calendar invites
2024-01-22 13:38

A recently patched vulnerability in Microsoft Outlook that can be used by attackers to steal users' NTLM v2 hashes can be exploited by adding two headers to an email carrying a specially crafted file, security researcher Dolev Taler has shared on Friday. He and his colleagues from Varonis Threat Labs have revealed two additional ways attackers can get users' NTLM v2 hashes and use them for offline brute-force or authentication relay attacks.

Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens
2023-11-28 10:23

Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking a victim into opening a...

Microsoft Improves Windows Security with a Path to Move Off NTLM
2023-11-22 19:19

Now Microsoft plans to extend Kerberos in the versions of Windows and Windows Server that will ship in the next two years to help organizations move off NTLM. Here's what will change and how to prepare. How can I get ready to move off NTLM? Just over half of NTLM usage is for applications that hardcode in using NTLM. If you've done that in your own applications, you'll need to update the application: There aren't any shims or workarounds that Microsoft can do in Windows.

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication
2023-10-14 06:29

Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on...

Microsoft plans to kill off NTLM authentication in Windows 11
2023-10-13 16:46

Microsoft announced earlier this week that the NTLM authentication protocol will be killed off in Windows 11 in the future. [...]