Cybersecurity researchers at Proofpoint have uncovered a new tactic employed by cybercriminal threat actor TA577, shedding light on a lesser-seen objective in their operations. The group was found ...

Microsoft is beginning a phased process to disable NTLM, the decades-old, weak authentication protocol, by default in future ...

Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code) protection and downgrade NTLM security features leading to full ...

Future Windows updates will disable NTLM authentication, bolstering security and protecting users against legacy protocol vulnerabilities.

A vulnerability allowing attackers to leak NTLM authentication hashes with minimal user interaction has been actively exploited just days after Microsoft released a patch. The flaw, tracked as ...

Organizations using Open Policy Agent (OPA) for Windows should consider updating to v0.68.0 or later to protect against an authentication hash leakage vulnerability identified in all earlier versions ...

Microsoft recently patched a zero-day vulnerability under active exploit in Microsoft Outlook, identified as CVE-2023-23397, which could enable an attacker to perform a privilege escalation, accessing ...

Hackers and threat actors are constantly searching for new ways to breach systems for cybersecurity research or exploitation, respectively. Thankfully, French researcher Gilles Lionel got to an NTLM ...

The elevated privilege flaw exists in Microsoft Exchange and would allow a remote attacker to impersonate an administrator. Microsoft acknowledged an elevated privilege flaw in its Exchange Server ...

Microsoft today addressed two NTLM-related vulnerabilities privately disclosed by Preempt Security. The flaws allow for credential relay attacks. NTLM has a long history of serious vulnerabilities and ...