Bleeping Computer

Windows 10 themes can be abused to steal Windows passwords

Specially crafted Windows 10 themes and theme packs can be used in 'Pass-the-Hash' attacks to steal Windows account credentials from unsuspecting users. Windows allows users to create custom themes ...
Bleeping Computer

Microsoft discloses unpatched Office flaw that exposes NTLM hashes

Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. Tracked as CVE-2024-38200, this security flaw is caused by an ...
techtimes

Microsoft Outlook Security Flaw Exposed: NTLM v2 Passwords at Risk

A recently addressed security flaw in Microsoft Outlook has been identified as a significant threat, potentially allowing threat actors to exploit it to gain access to NT LAN Manager (NTLM) v2 hashed ...
Dark Reading

Microsoft NTLM Zero-Day to Remain Unpatched Until April

Microsoft has released fresh guidance to organizations on how to mitigate NTLM relay attacks by default, days after researchers reported finding a NTLM hash disclosure zero-day in all versions of ...
heise online

Windows Networks: Google Mandiant Delivers the Coup de Grâce to Microsoft's NTLM

Google provides assistance in cracking NTLM hashes, provoking Microsoft and also admins who are concerned about the security of their Windows networks. Microsoft's authentication method NTLM is a ...
Infosecurity-magazine.com

TA577 Exploits NTLM Authentication Vulnerability

Cybersecurity researchers at Proofpoint have uncovered a new tactic employed by cybercriminal threat actor TA577, shedding light on a lesser-seen objective in their operations. The group was found ...