Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some cases, to achieve full domain compromise of a network.
What is NTLM?
NT LAN Manager (NTLM) is an authentication protocol developed by Microsoft, used to authenticate a client to resources on an Active Directory domain.
“Interactive NTLM authentication over a network typically involves two systems: a client system, where the user is requesting authentication, and a domain controller, where information related to the user’s password is kept,” Microsoft explains.
“NTLM credentials are based on data obtained during the interactive logon process and consist of a domain name, a user name, and a one-way hash of the user’s password. NTLM uses an encrypt ..
Support the originator by clicking the read the rest link below.
