Infosecurity-magazine.com

Pawn Storm’s Stealthy Net-NTLMv2 Assault Revealed

Pawn Storm, an advanced persistent threat (APT) actor also known as APT28, has been targeting high-value entities globally, employing a range of techniques since at least 2004. Despite relying on ...
Infosecurity-magazine.com

NTLM Hash Exploit Targets Poland and Romania Days After Patch

A vulnerability allowing attackers to leak NTLM authentication hashes with minimal user interaction has been actively exploited just days after Microsoft released a patch. The flaw, tracked as ...
CSOonline

Don’t count on Kerberos to thwart pass-the-hash attacks

Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one that I ...
Windows Central

Google working to fix Chrome flaw that could allow credential theft on Windows

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. A new flaw has been discovered in Google Chrome which could allow malicious actors to steal ...