NTLM

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

Feb 2, 2024 by iHash Leave a Comment

Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those … [Read more...] about Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

Jan 29, 2024 by iHash Leave a Comment

Jan 29, 2024NewsroomVulnerability / NTML Security A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023. "In an … [Read more...] about Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

Oct 14, 2023 by iHash Leave a Comment

Oct 14, 2023NewsroomAuthentication / Endpoint Security Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on NT LAN … [Read more...] about Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

Detecting NTLM Relay Attacks with CrowdStrike Identity Protection

Jul 24, 2022 by iHash Leave a Comment

Adversaries often exploit legacy protocols like Windows NTLM that unfortunately remain widely deployed despite known vulnerabilities. Previous CrowdStrike blog posts have covered critical vulnerabilities in NTLM that allow remote code execution and other NTLM attacks where attackers could exploit vulnerabilities to bypass MIC (Message Integrity Code) protection, session signing … [Read more...] about Detecting NTLM Relay Attacks with CrowdStrike Identity Protection

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

Detecting NTLM Relay Attacks with CrowdStrike Identity Protection