Bleeping Computer

New Microsoft NTLM Flaws May Allow Full Domain Compromise

Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code) protection and downgrade NTLM security features leading to full ...
Dark Reading

How NTLM and Kerberos Are Still Abused in AD Attacks

Authentication sits at the heart of enterprise security, making passwords and the authentication mechanisms that use them, prime targets for cybercriminals. For more than 90% of organizations that use ...
Dark Reading

How to Protect Your Environment From the NTLM Vulnerability

A new zero-day vulnerability in NTLM discovered by researchers at 0patch allows attackers to steal NTLM credentials by having a user view a specially crafted malicious file in Windows Explorer — no ...
Bleeping Computer

Microsoft to disable NTLM by default in future Windows releases

Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks.
TechRepublic

Microsoft warns of credential-stealing NTLM relay attacks against Windows domain controllers

Microsoft warns of credential-stealing NTLM relay attacks against Windows domain controllers Your email has been sent Microsoft is sounding an alert about a threat against Windows domain controllers ...
CSOonline

Ridding your network of NTLM

The path to eradicating this ancient protocol and security sinkhole won’t be easy, but the time has come for its complete eradication. Microsoft has hinted at a possible end to NTLM a few times, but ...