SMB signing becomes mandatory on Windows: here's what changes
#Microsoft has announced that starting June 2, all #connections to network resources in #Windows Insider Build 25381 will require #SMB signing by default.
This is a precaution against #NTLM relay #attacks (attacks such as #NTLMRelay), in which attackers can spoof the identity of devices on the network and take full control of the Windows domain.
#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity
https://www.redhotcyber.com/post/la-firma-smb-diventa-obbligatoria-su-windows-ecco-cosa-cambia/
Another entry in a series on solving esoteric tech problems relatively few people are likely to have: if #pywinrm or a similar tool gives you MD4 related trouble contacting a Windows AD server with #NTLM on Ubuntu 22.04, you might need to add legacy support to your OpenSSL: https://kimvanwyk.co.za/til_230420_1/
Attention Outlook users: a single sneaky email can be used to extract your password. Merely delivering the malicious email to the victim (who doesn't even have to open it!) is enough. CVE-2023-23397
Microsoft has just patched the vulnerability CVE-2023-23397, which is described rather enigmatically: Microsoft Outlook Elevation of Privilege Vulnerability. Less enigmatic, however, is the threat, which Microsoft has rated as critical. The vulnerability is currently being actively exploited, and it was reported by the Ukrainian CERT. The following fragment of the bug description is rather surprising and worrying. The victim...
#WBiegu #Ntlm #Outlook
https://sekurak.pl/uwaga-uzytkownicy-outlooka-jednym-podstepnym-mailem-mozna-wyciagnac-twoje-haslo-wystarczy-samo-dostarczenie-zlosliwego-maila-do-ofiary-ktora-nawet-nie-musi-go-otworzyc-cve-2023-23397/
go-hibp v1.0.6 has just been released, introducing support for NTLM hashes in the PwnedPassAPI (see the announcement by Troy Hunt: https://s.pebcak.de/@troyhunt@infosec.exchange/109833758367903768)
How to find and extract Net-NTLMv2 hashes in network captures for cracking with Hashcat.
#hashcat #wireshark #ntlm #password #pcap
Active Directory Basics - I have just completed this room! Check it out: https://tryhackme.com/room/activedirectorybasics #tryhackme #security #active directory #windows #cloud AD #AD lab #active directory security #AD #defending windows #attacking windows #kerberos #NTLM #domain services #active directory basics #activedirectorybasics via @RealTryHackMe
#tumblesocks #works, but #not behind a #ntlm proxy :/ Such #drama!
This is why you configure #ASR rules in #Defender and also switch to #Kerberos rather than #NTLM #SecureYourEnterprise before you get #hacked https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22
Currently watching - SANS Workshop – NTLM Relaying 101: How Internal Pentesters Compromise Domains - The presenter is giving really good explanations of how things work. https://www.sans.org/webcasts/sans-workshop-ntlm-relaying-101-how-internal-pentesters-compromise-domains/
#sans #ntlm #llmnr #windows #hacking
Windows Kerberos authentication breaks after the November updates
#Microsoft is investigating a new issue that causes #Kerberos sign-in failures and other #authentication problems on enterprise #domain #controllers after installing the cumulative #updates released during this month's #PatchTuesday.
Kerberos replaced the #NTLM protocol as the default authentication protocol for domain-connected devices on all #Windows versions above Windows 2000.
#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity
This Week in Security: Breaking CACs to Fix NTLM, The Biggest Leak Ever, and Fixing Firefox by Breaking It
https://hackaday.com/2022/07/08/this-week-in-securitybreaking-cacs-to-fix-ntlm-the-biggest-leak-ever-and-fixing-firefox-by-breaking-it/
#ThisWeekinSecurity #HackadayColumns #SecurityHacks #firefox #News #ntlm #CAC
Brute-forcing hashes in Active Directory
#ActiveDirectory #ntlm #hash #brutforce
#PetitPotam: while awaiting a patch from #Microsoft, a workaround to block remote #EFSRPC calls!
#PetitPotam #microsoft #EFSRPC #securite #ntlm
#Zerologon: a new "alternative" has been discovered for exploiting the #flaw! (PATCH available since the end of August...)
#Zerologon #faille #securite #Netlogon #smb #ntlm #spooler #chiffrement
New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers - Malware campaign targets global manufacturers that are still dependent on Windows 7 subsystems to ... more: https://threatpost.com/lemon-duck-malware-targets-iot/152596/ #automatedguidedvehicles #servermessageblock #windows7endoflife #sqlinjection #eternalblue #powershell #printers #smarttvs #windows7 #malware #mssql #mysql #xmrig #ntlm #iot #smb
Beware that the burp proxy is single threaded and very slow, but after some tweaking (increasing the scan threads, disabling logging, etc) I achieved a reasonable scan speed of 10 to 20 req/s. #burpproxy #ntlm #pentesting