Security News

Microsoft NTLM vulnerabilities could lead to full domain compromise
2019-10-10 12:58

Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some cases, to achieve full...

Microsoft Patches Critical Vulnerabilities in NTLM
2019-06-12 16:04

Microsoft on Tuesday released security patches for nearly 90 vulnerabilities, including two Critical bugs impacting the proprietary authentication protocol NTLM.  read more

How to protect your network against security flaws in Microsoft's NTLM protocol
2019-06-11 17:00

Vulnerabilities in NTLM recently discovered by security provider Preempt could allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that...

Critical Microsoft NTLM vulnerabilities allow remote code execution on any Windows machine
2019-06-11 16:57

The Preempt research team found two critical Microsoft vulnerabilities that consist of three logical flaws in NTLM, the company’s proprietary authentication protocol. These vulnerabilities allow...

Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs
2019-02-14 22:56

CorrectHorseBatteryStaple once again more secure and memorable than ff3sd21n HashCat, an open source password recovery tool, can now crack an eight-character Windows NTLM password hash in less...

Researcher Escalates Privileges on Exchange 2013 via NTLM Relay Attack
2019-01-29 15:20

Microsoft Exchange 2013 and newer versions allow an attacker to escalate privileges when performing a NT LAN Manager (NTLM) relay attack, a security researcher warns. read more

PDF Files Can Silently Leak NTLM Credentials
2018-04-30 12:19

NTML credentials can be stolen via malicious Portable Document Format (PDF) files without any user interaction, Check Point security researchers warn. read more

Microsoft Patches LDAP Relay Vulnerability in NTLM (Security Week)
2017-07-12 13:50

Microsoft resolved over 30 bugs with its July 2017 set of security patches, one being a vulnerability where the Lightweight Directory Access Protocol (LDAP) wasn’t protected from Microsoft NT LAN...

Critical Flaws Found in Windows NTLM Security Protocol – Patch Now (The Hackers News)
2017-07-12 00:23

As part of this month's Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability which affect all versions of its Windows operating system for...

Microsoft Addresses NTLM Bugs That Facilitate Credential Relay Attacks (Threatpost)
2017-07-11 17:43

Microsoft today addressed two NTLM-related vulnerabilities privately disclosed by Preempt Security. The flaws allow for credential relay attacks.