Security News

The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for...

The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager authentication hashes to perform account hijacks. NTLM hashes are used in Windows for authentication and session security and can be captured for offline password cracking to obtain the plaintext password.

Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The...

A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked...

Beyond blockchain: Strategies for seamless digital asset integrationIn this Help Net Security interview, Jean-Philippe Aumasson, CSO at Taurus, emphasizes the often-overlooked complexities of key generation, storage, and distribution, underlining the necessity for a high level of security maturity in handling digital assets. Attackers can steal NTLM password hashes via calendar invitesA recently patched vulnerability in Microsoft Outlook that can be used by attackers to steal users' NTLM v2 hashes can be exploited by adding two headers to an email carrying a specially crafted file, security researcher Dolev Taler has shared on Friday.

A recently patched vulnerability in Microsoft Outlook that can be used by attackers to steal users' NTLM v2 hashes can be exploited by adding two headers to an email carrying a specially crafted file, security researcher Dolev Taler has shared on Friday. He and his colleagues from Varonis Threat Labs have revealed two additional ways attackers can get users' NTLM v2 hashes and use them for offline brute-force or authentication relay attacks.

Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking a victim into opening a...

Now Microsoft plans to extend Kerberos in the versions of Windows and Windows Server that will ship in the next two years to help organizations move off NTLM. Here's what will change and how to prepare. How can I get ready to move off NTLM? Just over half of NTLM usage is for applications that hardcode in using NTLM. If you've done that in your own applications, you'll need to update the application: There aren't any shims or workarounds that Microsoft can do in Windows.

Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on...

Microsoft announced earlier this week that the NTLM authentication protocol will be killed off in Windows 11 in the future. [...]