Windows – CVE-2025-24054 : cet exploit NTLM est utilisé pour cibler entreprises et gouvernements https://www.it-connect.fr/windows-cve-2025-24054-cet-exploit-ntlm-est-utilise-pour-cibler-entreprises-et-gouvernements/ #ActuCybersécurité #Cybersécurité #Phishing #Windows #NTLM

Fresh Windows NTLM Vulnerability Exploited in Attacks – Source: www.securityweek.com https://ciso2ciso.com/fresh-windows-ntlm-vulnerability-exploited-in-attacks-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #vulnerabilities #securityweekcom #securityweek #Exploited #FEATURED #Windows #NTLM

#Windows #NTLM hash leak flaw exploited in #phishing attacks on governments

https://www.bleepingcomputer.com/news/security/windows-ntlm-hash-leak-flaw-exploited-in-phishing-attacks-on-governments/

New #Windows zero-day leaks #NTLM hashes, gets unofficial patch

https://www.bleepingcomputer.com/news/security/new-windows-zero-day-leaks-ntlm-hashes-gets-unofficial-patch/

A new zero-day vulnerability has been discovered that allows attackers to capture #NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. #cybersecurity #zeroday https://www.bleepingcomputer.com/news/security/new-windows-zero-day-exposes-ntlm-credentials-gets-unofficial-patch/

#Microsoft Fixes 90 New #Flaws, Including Actively Exploited #NTLM and Task Scheduler #Bugs
https://thehackernews.com/2024/11/microsoft-fixes-90-new-vulnerabilities.html

Need to convert a #wordlist to #hash? Meet #hashgen, the blazingly fast hash generator. Currently supports 18+ modes such as #md5, #sha, #ntlm, #crc, #base64 encode/decode, and converting $HEX[] to #plaintext.
Cross-compilable for Linux, Windows and Mac.
https://forum.hashpwn.net/post/89
#hashpwn #hashcracking #hashcat #hex

One example why to use strong #passwords for users who use file sharing over #SMB even when the file transfers are #encrypted.
If the SMB traffic is captured/eavesdropped, then the attacker can try to crack the user password.
The attacker is able to extract challenge/response values from the Session Setup and then use #passwordcracking tools such as #hashcat

If the attack is successful, the attacker will gain not only the access to the user account, but it is also possible to decrypt the captured SMB file transfers. There is lack of perfect forward secrecy in this encryption.

For more details and practical examples, see this blog post:

https://malwarelab.eu/posts/tryhackme-smb-decryption/

De onzichtbare dreiging van microsoft outlook beveiligingslekken https://www.trendingtech.news/trending-news/2024/08/28968/de-onzichtbare-dreiging-van-microsoft-outlook-beveiligingslekken #Microsoft Outlook Beveiligingslek #CVE-2024-38173 #e-mailvoorbeeld functie #NTLM compromittatie #Automated Moving Target Defense #Trending #News #Nieuws

Microsoft prêt à abandonner le protocole d’authentification NTLM ! https://www.it-connect.fr/microsoft-abandon-protocole-authentification-ntlm-windows/ #Logiciel-OS #Microsoft #Windows #NTLM

New cheatsheets pushed

https://github.com/r1cksec/cheatsheets

Including:

A nice blogpost about different ntlm relay attack scenarios

https://www.guidepointsecurity.com/blog/beyond-the-basics-exploring-uncommon-ntlm-relay-attack-techniques

Using the Windows Security Center service, it is possible to deactivate Windows Defender by telling the service that a different antivirus program is being used

https://github.com/es3n1n/no-defender

A quite interesting phishing technique in which the legitimate platform Yousign is used as a communication and hosting channel

https://www.agari.com/blog/active-phishing-campaign-yousign-hr-lure

VBScript Addio! Microsoft Annuncia la Graduale Eliminazione Entro il 2027

E’ ora di pulizie in casa #Microsoft! Dopo #NTLM ora anche #VBScript si vuole eliminare dall’architettura di #Windows.

#redhotcyber #online #it #ai #hacking #innovation #privacy #cybersecurity #technology #engineering #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity

https://www.redhotcyber.com/post/vbscript-addio-microsoft-annuncia-la-graduale-eliminazione-entro-il-2027/

Addio ad NTLM! Microsoft eliminino a metà 2024 un pezzo di storia che ha fatto molto discutere

Questa settimana #Microsoft ha confermato i suoi piani per eliminare gradualmente #NT #LAN #Manager (#NTLM). L’azienda ha inoltre annunciato una serie di nuove misure protettive volte a #rafforzare la #sicurezza del #sistema operativo.

#redhotcyber #online #it #ai #hacking #innovation #privacy #cybersecurity #technology #engineering #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity

https://www.redhotcyber.com/post/addio-ad-ntlm-microsoft-eliminino-a-meta-2024-un-pezzo-di-storia-che-ha-fatto-molto-discutere/

Hoe ntlm uit uw netwerk te verwijderen: een gids voor betere beveiliging https://www.trendingtech.news/trending-news/2024/05/11325/hoe-ntlm-uit-uw-netwerk-te-verwijderen-een-gids-voor-betere-beveiliging #NTLM verwijderen #Netwerkbeveiliging #Kerberos authenticatie #CVE 2023-23397 #Microsoft veiligheidsupdates #Trending #News #Nieuws

Excellent blog post on how to perform NTLM relaying on a compromised Windows client with built-in tools.
Start a ProxyApp using HTTP.SYS (no administrative permission needed), bypass the local firewall and port forward using ssh

https://badoption.eu/blog/2024/04/25/netntlm.html

Toekomstbestendige windows-netwerken: handel nu om voorbereid te zijn op aangekondigde wijzigingen https://www.trendingtech.news/trending-news/2024/05/10527/toekomstbestendige-windows-netwerken-handel-nu-om-voorbereid-te-zijn-op-aangekondigde-wijzigingen #Windows-netwerken #NTLM fase-out #LDAP-signing #Kerberos AES #Server 2025 beveiliging #Trending #News #Nieuws

#Microsoft hat Kundenberichte über #NTLM-Authentifizierungsfehler und hohe Last nach der Installation der #WindowsServer Sicherheitsupdates des letzten Monats bestätigt. https://winfuture.de/news,142582.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia

#Microsoft hatte bereits im Herbst vergangenen Jahres angekündigt, dass man plant, die #NTLM-Authentifizierung in Windows 11 abzuschaffen. Derweil wird jetzt davor gewarnt, dass NTLM-Hashes gestohlen werden: https://winfuture.de/news,141591.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia

This Week in Security: Filename Not Sanitized, MonikerLink, and Snap Attack! - Reading through a vulnerability report about ClamAV, I came across a phrase that f... - https://hackaday.com/2024/02/16/this-week-in-security-filename-not-sanitized-monikerlink-and-snap-attack/ #thisweekinsecurity #hackadaycolumns #securityhacks #clamav #news #ntlm #snap