Get a Pentest and security assessment of your IT network.

Cyber Security

New Microsoft NTLM Flaws May Allow Full Domain Compromise

Two security vulnerabilities in Microsoft’s NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code) protection. Microsoft patched the two flaws and issued security advisories as part of the Patch Tuesday security updates issued yesterday after Preempt s disclosure. The Windows NT (New Technology) LAN Manager (NTLM) authentication protocol is used for client/server authentication purposes to authenticate remote users, as well as to provide session security when requested by app protocols. Preempt researchers Yaron Zinar and Marina Simakov discovered that attackers can exploit these flaws.

Source: https://www.bleepingcomputer.com/news/security/new-microsoft-ntlm-flaws-may-allow-full-domain-compromise/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation