InfoWorld

Getting a grip on better password hashes

Many of today’s computer passwords are stored and transmitted in a cryptographic hashed form. A strong password hash algorithm ensures that if the password hash is obtained by unauthorized parties ...
Infosecurity-magazine.com

TA577 Exploits NTLM Authentication Vulnerability

Cybersecurity researchers at Proofpoint have uncovered a new tactic employed by cybercriminal threat actor TA577, shedding light on a lesser-seen objective in their operations. The group was found ...
Dark Reading

How NTLM and Kerberos Are Still Abused in AD Attacks

Authentication sits at the heart of enterprise security, making passwords and the authentication mechanisms that use them, prime targets for cybercriminals. For more than 90% of organizations that use ...
Infosecurity-magazine.com

NTLM Hash Exploit Targets Poland and Romania Days After Patch

A vulnerability allowing attackers to leak NTLM authentication hashes with minimal user interaction has been actively exploited just days after Microsoft released a patch. The flaw, tracked as ...
Dark Reading

OPA for Windows Vulnerability Exposes NTLM Hashes

Organizations using Open Policy Agent (OPA) for Windows should consider updating to v0.68.0 or later to protect against an authentication hash leakage vulnerability identified in all earlier versions ...
PC World

Critical design flaw in Microsoft’s Active Directory could allow password change

Microsoft’s widely used software for brokering network access has a critical design flaw, an Israeli security firm said, but Microsoft contends the issue has been long-known and defenses are in place.