Bleeping Computer

Windows 10 themes can be abused to steal Windows passwords

Specially crafted Windows 10 themes and theme packs can be used in 'Pass-the-Hash' attacks to steal Windows account credentials from unsuspecting users. Windows allows users to create custom themes ...
techtimes

Microsoft Outlook Security Flaw Exposed: NTLM v2 Passwords at Risk

A recently addressed security flaw in Microsoft Outlook has been identified as a significant threat, potentially allowing threat actors to exploit it to gain access to NT LAN Manager (NTLM) v2 hashed ...
Bleeping Computer

Microsoft Word subDoc Feature Abused to Steal Windows Credentials

The security research team at Rhino Labs, a US-based cyber-security company, has discovered that malicious actors can use a lesser-known Microsoft Word feature called subDoc to trick Windows computers ...
Infosecurity-magazine.com

TA577 Exploits NTLM Authentication Vulnerability

Cybersecurity researchers at Proofpoint have uncovered a new tactic employed by cybercriminal threat actor TA577, shedding light on a lesser-seen objective in their operations. The group was found ...
Dark Reading

Microsoft NTLM Zero-Day to Remain Unpatched Until April

Microsoft has released fresh guidance to organizations on how to mitigate NTLM relay attacks by default, days after researchers reported finding a NTLM hash disclosure zero-day in all versions of ...
heise online

Windows Networks: Google Mandiant Delivers the Coup de Grâce to Microsoft's NTLM

Google provides assistance in cracking NTLM hashes, provoking Microsoft and also admins who are concerned about the security of their Windows networks. Microsoft's authentication method NTLM is a ...