Category: NTLM

Your Session Key is My Session Key: How to Retrieve the Session Key for Any Authentication

As announced in our recent security advisory, Preempt researchers discovered a critical vulnerability that allows attackers to retrieve the session...
Read Now

Security Advisory: Critical Vulnerabilities in NTLM Allow Remote Code Execution and Cloud Resources Compromise

On June 2019 Patch Tuesday, Microsoft released patches for CVE-2019-1040 and CVE-2019-1019, two vulnerabilities discovered by Preempt researchers. The critical...
Read Now

What State-Sponsored Attacks Can Teach Us About Conditional Access

People often think that state-sponsored attacks from groups like Lazarus (North Korea), Fancy Bear (Russia) or menuPass (China) only target...
Read Now

New Microsoft Exchange Vulnerability Exposes Domain Admin Privileges: Here’s What to Do

Last week, the CERT Coordination Center (CERT/CC) issued a vulnerability note warning versions of Microsoft Exchange 2013, and newer are...
Read Now

The Security Risks of NTLM: Proceed with Caution

NTLM (NT LAN Manager) is Microsoft's old authentication protocol that was replaced with Kerberos starting Windows 2000. It was designed...
Read Now