Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.

An ancient network authentication protocol has received its first death notice. The protocol, which has roots going back to the first local area network days of the 1980s, is called Microsoft NTLM, ...

IT之家 4 月 18 日消息，科技媒体 bleepingcomputer 昨日（4 月 17 日）发布博文，报道称已有证据表明，黑客利用 Windows 漏洞（CVE-2025-24054），在网络钓鱼活动中，通过 .library-ms 文件诱导用户泄露 NTLM 哈希值，从而绕过身份认证和提升权限。 微软已经在 2025 年 3 月的 ...

Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code) protection and downgrade NTLM security features leading to full ...

IT之家 12 月 9 日消息，第三方安全公司 0Patch 发布了针对 Windows 系统中的一个零日 NTLM 哈希漏洞的修复补丁，该漏洞允许攻击者仅通过被攻击者查看文件资源管理器中的恶意文件所在的文件夹即可劫持凭据，无需实际打开文件。 据IT之家了解，早在 2023 年 6 月 ...

IT之家 12 月 9 日消息，第三方安全公司 0Patch 发布了针对 Windows 系统中的一个零日 NTLM 哈希漏洞的修复补丁，该漏洞允许攻击者仅通过被攻击者查看文件资源管理器中的恶意文件所在的文件夹即可劫持凭据，无需实际打开文件。 据IT之家了解，早在 2023 年 6 月 ...

Microsoft has posted advisory and detailed instructions on protecting Windows domain controllers and other Windows servers from the NTLM Relay Attack known as PetitPotam. The PetitPotam take on the ...

Microsoft warns of credential-stealing NTLM relay attacks against Windows domain controllers Your email has been sent Microsoft is sounding an alert about a threat against Windows domain controllers ...

Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks.

Microsoft has released fresh guidance to organizations on how to mitigate NTLM relay attacks by default, days after researchers reported finding a NTLM hash disclosure zero-day in all versions of ...