CSOonline

Malicious email campaign steals NTLM hashes

An initial access broker is able to grab authentication information when a victim opens the email attachments for access to Windows networks. A threat group that acts as an initial access broker is ...
Dark Reading

How to Protect Your Environment From the NTLM Vulnerability

A new zero-day vulnerability in NTLM discovered by researchers at 0patch allows attackers to steal NTLM credentials by having a user view a specially crafted malicious file in Windows Explorer — no ...
heise online

Microsoft takes measures against NTLM relay attacks

One attack vector for gaining access to the network is so-called NTLM relaying. Microsoft is now making this more difficult with new measures. A frequently observed attack vector that criminals use to ...