The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.
Dark Reading

OPA for Windows Vulnerability Exposes NTLM Hashes

Organizations using Open Policy Agent (OPA) for Windows should consider updating to v0.68.0 or later to protect against an authentication hash leakage vulnerability identified in all earlier versions ...
Infosecurity-magazine.com

NTLM Hash Exploit Targets Poland and Romania Days After Patch

A vulnerability allowing attackers to leak NTLM authentication hashes with minimal user interaction has been actively exploited just days after Microsoft released a patch. The flaw, tracked as ...
techtimes

Microsoft Outlook Security Flaw Exposed: NTLM v2 Passwords at Risk

A recently addressed security flaw in Microsoft Outlook has been identified as a significant threat, potentially allowing threat actors to exploit it to gain access to NT LAN Manager (NTLM) v2 hashed ...
Threat Post

Temporary Patch Released For Adobe Reader Zero-Day

The zero-day flaw in Adobe Reader DC could allow bad actors to steal victims’ NTLM hashes. A temporary patch has been released to address a zero-day vulnerability in Adobe Reader that could enable bad ...
CSOonline

Malicious email campaign steals NTLM hashes

An initial access broker is able to grab authentication information when a victim opens the email attachments for access to Windows networks. A threat group that acts as an initial access broker is ...