One attack vector for gaining access to the network is so-called NTLM relaying. Microsoft is now making this more difficult with new measures. A frequently observed attack vector that criminals use to ...

Proof-of-concept exploit code is now public for a vulnerability in Microsoft's Remote Registry client that could be used to take control of a Windows domain by downgrading the security of the ...

Microsoft warns of credential-stealing NTLM relay attacks against Windows domain controllers Your email has been sent Microsoft is sounding an alert about a threat against Windows domain controllers ...

SAN FRANCISCO, June 11, 2019 (GLOBE NEWSWIRE) -- Preempt, the leading provider of conditional access for real-time threat prevention, today announced its research team found two critical Microsoft ...

Microsoft Windows Active Directory Certificate Services (AD CS) by default can be used as a target for NTLM relay attacks, which can allow a domain-joined computer to take over the entire Active ...

Security researcher Filip Dragovic published a new DFSCoerce Windows NTLM relay attack that uses MS-DFSNM (Microsoft’s Distributed File System) to take over Windows domains. Dragovic unveiled the ...

Two Microsoft vulnerabilities, CVE-2019-1040 and CVE-2019-1019, would allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows ...

Microsoft explained "PetitPotam" NT LAN Manager (NTLM) relay attacks in a Wednesday announcement, while also suggesting that its Microsoft Defender for Identity product was capable of identifying such ...

Microsoft on Monday touted its Azure Advanced Threat Protection (ATP) service as being capable of alerting organizations when they are subject to NT LAN Manager (NTLM) relay attacks. The issue ...

Microsoft's July 2017 Patch Tuesday includes a fix for an issue with the NT LAN Manager (NTLM) Authentication Protocol that can be exploited to allow attackers to create admin accounts on a local ...